CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 0CVE-2021-30811
https://notcve.org/view.php?id=CVE-2021-30811
This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8. A local attacker may be able to read sensitive information. Este problema se abordó con controles mejorados. Este problema es corregido en iOS versión 15 y iPadOS versión 15, watchOS versión 8. • http://seclists.org/fulldisclosure/2021/Oct/61 http://seclists.org/fulldisclosure/2021/Oct/62 https://support.apple.com/en-us/HT212814 https://support.apple.com/en-us/HT212819 https://support.apple.com/kb/HT212600 https://support.apple.com/kb/HT212603 https://support.apple.com/kb/HT212804 •
CVSS: 7.6EPSS: 0%CPEs: 34EXPL: 0CVE-2021-30652
https://notcve.org/view.php?id=CVE-2021-30652
A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to gain root privileges. Se abordó una condición de carrera con una comprobación adicional. Este problema es corregido en Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS versión 14.5 y iPadOS versión 14.5, watchOS versión 7.4, tvOS versión 14.5, macOS Big Sur versión 11.3. • https://support.apple.com/en-us/HT212317 https://support.apple.com/en-us/HT212323 https://support.apple.com/en-us/HT212324 https://support.apple.com/en-us/HT212325 https://support.apple.com/en-us/HT212326 https://support.apple.com/en-us/HT212327 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2021-30655
https://notcve.org/view.php?id=CVE-2021-30655
An application may be able to execute arbitrary code with system privileges. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. The issue was addressed with improved permissions logic. Una aplicación puede ser capaz de ejecutar código arbitrario con privilegios del sistema. Este problema es corregido en macOS Big Sur versión 11.3, Security Update 2021-002 Catalina. • https://support.apple.com/en-us/HT212325 https://support.apple.com/en-us/HT212326 •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2021-30712
https://notcve.org/view.php?id=CVE-2021-30712
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. Se abordó un problema lógico con una administración de estado mejorada. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina y Security Update 2021-004 Mojave. • https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 •
CVSS: 4.6EPSS: 0%CPEs: 30EXPL: 0CVE-2021-30702
https://notcve.org/view.php?id=CVE-2021-30702
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A person with physical access to a Mac may be able to bypass Login Window. Se abordó un problema lógico con una administración de estado mejorada. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. • https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 • CWE-287: Improper Authentication •