CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-30752
https://notcve.org/view.php?id=CVE-2021-30752
Processing a maliciously crafted image may lead to arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An out-of-bounds read was addressed with improved input validation. El procesamiento de una imagen maliciosamente diseñada puede conllevar a una ejecución de código arbitrario. Este problema se corrigió en macOS Big Sur versión 11.3, iOS versión 14.5 e iPadOS versión 14.5, watchOS versión 7.4, tvOS versión 14.5. • https://support.apple.com/en-us/HT212317 https://support.apple.com/en-us/HT212323 https://support.apple.com/en-us/HT212324 https://support.apple.com/en-us/HT212325 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30750
https://notcve.org/view.php?id=CVE-2021-30750
The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.3. A malicious application may be able to access the user's recent contacts. Se abordó este problema con una lógica de permisos mejorada. Este problema se corrigió en macOS Big Sur versión 11.3. • https://support.apple.com/en-us/HT212325 • CWE-276: Incorrect Default Permissions •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30803
https://notcve.org/view.php?id=CVE-2021-30803
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to access a user’s recent Contacts. Se abordó un problema de permisos con una comprobación mejorada. Este problema se corrigió en macOS Big Sur versión 11.5. • https://support.apple.com/en-us/HT212602 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-31013
https://notcve.org/view.php?id=CVE-2021-31013
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. Processing a maliciously crafted font may result in the disclosure of process memory. Se ha solucionado una lectura fuera de límites con una comprobación de límites mejorada. Este problema se ha solucionado en macOS Monterey 12.1, iOS 15.2 y iPadOS 15.2, macOS Big Sur 11.6.2. • https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212979 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2021-31010 – Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-31010
A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report that this issue may have been actively exploited at the time of release.. Se ha solucionado un problema de deserialización mediante una validación mejorada. • https://support.apple.com/en-us/HT212804 https://support.apple.com/en-us/HT212805 https://support.apple.com/en-us/HT212806 https://support.apple.com/en-us/HT212807 https://support.apple.com/en-us/HT212824 • CWE-502: Deserialization of Untrusted Data •