CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2021-30792 – Apple macOS ModelIO ABC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30792
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó una escritura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en iOS versión 14.7, macOS Big Sur versión 11.5. • https://support.apple.com/en-us/HT212601 https://support.apple.com/en-us/HT212602 https://support.apple.com/kb/HT212600 https://support.apple.com/kb/HT212603 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30802
https://notcve.org/view.php?id=CVE-2021-30802
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema se corrigió en iOS versión 14.7 y tvOS versión 14.7. • https://support.apple.com/en-us/HT212601 https://support.apple.com/en-us/HT212604 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30797 – webkitgtk: Insufficient checks leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-30797
This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution. Este problema se abordó con una comprobación mejorada. Este problema se corrigió en iOS versión 14.7, Safari versión 14.1.2, macOS Big Sur versión 11.5, watchOS versión 7.6, tvOS versión 14.7. • https://support.apple.com/en-us/HT212601 https://support.apple.com/en-us/HT212602 https://support.apple.com/en-us/HT212604 https://support.apple.com/en-us/HT212605 https://support.apple.com/en-us/HT212606 https://access.redhat.com/security/cve/CVE-2021-30797 https://bugzilla.redhat.com/show_bug.cgi?id=1986902 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-30795 – webkitgtk: Use-after-free leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-30795
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema se corrigió en iOS versión 14.7, Safari versión 14.1.2, macOS Big Sur versión 11.5, watchOS versión 7.6, tvOS versión 14.7. • https://support.apple.com/en-us/HT212601 https://support.apple.com/en-us/HT212602 https://support.apple.com/en-us/HT212604 https://support.apple.com/en-us/HT212605 https://support.apple.com/en-us/HT212606 https://access.redhat.com/security/cve/CVE-2021-30795 https://bugzilla.redhat.com/show_bug.cgi?id=1986900 • CWE-20: Improper Input Validation CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-30798
https://notcve.org/view.php?id=CVE-2021-30798
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences. Se abordó un problema lógico con una administración de estado mejorada. Este problema se corrigió en iOS versión 14.7, macOS Big Sur versión 11.5, watchOS versión 7.6. • https://support.apple.com/en-us/HT212601 https://support.apple.com/en-us/HT212602 https://support.apple.com/en-us/HT212605 •