CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-21840 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2021-21840
25 Aug 2021 — An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input used to process an atom using the “saio” FOURCC code cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-21836 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2021-21836
25 Aug 2021 — An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input using the “ctts” FOURCC code can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-21834 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2021-21834
25 Aug 2021 — An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding the atom for the “co64” FOURCC can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-21835 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2021-21835
25 Aug 2021 — An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding the atom associated with the “csgp” FOURCC can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2021-30996 – Apple Security Advisory 2021-12-15-1
https://notcve.org/view.php?id=CVE-2021-30996
24 Aug 2021 —  Una aplicación maliciosa puede ejecutar código arbitrario con privilegios de kernel macOS Monterey 12.1 addresses buffer overflow, bypass, code execution, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212976 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2021-30995 – Apple macOS fclonefileat Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-30995
24 Aug 2021 — An attacker can leverage this vulnerability to escalate privileges from low integrity and execute code in the context of root. tvOS 15.2 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212975 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2021-30993 – Apple Security Advisory 2021-12-15-1
https://notcve.org/view.php?id=CVE-2021-30993
24 Aug 2021 —  Un atacante en una posición de red privilegiada puede ejecutar código arbitrario macOS Monterey 12.1 addresses buffer overflow, bypass, code execution, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212975 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2021-30990 – Apple Security Advisory 2021-12-15-1
https://notcve.org/view.php?id=CVE-2021-30990
24 Aug 2021 —  Una aplicación maliciosa puede pasar por alto las comprobaciones de Gatekeeper macOS Monterey 12.1 addresses buffer overflow, bypass, code execution, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212978 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30987 – Apple Security Advisory 2021-12-15-1
https://notcve.org/view.php?id=CVE-2021-30987
24 Aug 2021 —  Se puede realizar un seguimiento pasivo de un dispositivo por medio de BSSID macOS Monterey 12.1 addresses buffer overflow, bypass, code execution, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212978 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30986 – Apple Security Advisory 2021-12-15-1
https://notcve.org/view.php?id=CVE-2021-30986
24 Aug 2021 —  Un dispositivo puede ser rastreado pasivamente por su dirección MAC de Bluetooth macOS Monterey 12.1 addresses buffer overflow, bypass, code execution, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212978 •