CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2021-30708 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30708
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2021-30704
https://notcve.org/view.php?id=CVE-2021-30704
A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema lógico con una administración de estado mejorada. Este problema es corregido en tvOS versión 14.6, Security Update 2021-004 Mojave, iOS versión 14.6 y iPadOS versión 14.6, Security Update 2021-003 Catalina, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212533 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-30700
https://notcve.org/view.php?id=CVE-2021-30700
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted image may lead to disclosure of user information. Se abordó este problema con comprobaciones mejoradas. Este problema es corregido en macOS Big Sur versión 11.4, tvOS versión 14.6, watchOS versión 7.5, iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212533 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-30698
https://notcve.org/view.php?id=CVE-2021-30698
A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Safari 14.1.1, iOS 14.6 and iPadOS 14.6. A remote attacker may be able to cause a denial of service. Se abordó un problema de desviación de puntero nulo con una comprobación de entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.4, Safari versión 14.1.1, iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212534 • CWE-476: NULL Pointer Dereference •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30667
https://notcve.org/view.php?id=CVE-2021-30667
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.6 and iPadOS 14.6. An attacker in WiFi range may be able to force a client to use a less secure authentication mechanism. Se abordó un problema lógico con una comprobación mejorada. Este problema es corregido en iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 • CWE-287: Improper Authentication •