CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-30664
https://notcve.org/view.php?id=CVE-2021-30664
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing a maliciously crafted file may lead to arbitrary code execution. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Big Sur versión 11.3, iOS versión 14.5 y iPadOS versión 14.5, watchOS versión 7.4, tvOS versión 14.5. • https://support.apple.com/en-us/HT212317 https://support.apple.com/en-us/HT212323 https://support.apple.com/en-us/HT212324 https://support.apple.com/en-us/HT212325 • CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30714
https://notcve.org/view.php?id=CVE-2021-30714
A race condition was addressed with improved state handling. This issue is fixed in iOS 14.6 and iPadOS 14.6. An application may be able to cause unexpected system termination or write kernel memory. Se abordó una condición de carrera con un manejo de estado mejorada. Este problema es corregido en iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30804
https://notcve.org/view.php?id=CVE-2021-30804
A permissions issue was addressed with improved validation. This issue is fixed in iOS 14.7. A malicious application may be able to access Find My data. Se abordó un problema de permisos con una comprobación mejorada. Este problema se corrigió en iOS versión 14.7. • https://support.apple.com/en-us/HT212601 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30762 – Apple iOS WebKit Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-30762
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. • https://support.apple.com/en-us/HT212548 https://access.redhat.com/security/cve/CVE-2021-30762 https://bugzilla.redhat.com/show_bug.cgi?id=1986898 • CWE-20: Improper Input Validation CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30761 – Apple iOS WebKit Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2021-30761
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de corrupción de la memoria con una administración de estado mejorada. • https://support.apple.com/en-us/HT212548 https://access.redhat.com/security/cve/CVE-2021-30761 https://bugzilla.redhat.com/show_bug.cgi?id=1986894 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •