
CVE-2021-31292 – exiv2: Integer overflow in CrwMap::encode0x1810 leading to heap-based buffer overflow and DoS
https://notcve.org/view.php?id=CVE-2021-31292
26 Jul 2021 — An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DoS) via crafted metadata. ... An integer wraparound in the CrwMap::encode0x1810 function leads to a memcpy call with a very large size, allowing an attacker who can provide a malicious image to crash an application which uses the exiv2 library. ... Issues addressed include buffer overflow, denial of service, information leakage, ... • https://github.com/Exiv2/exiv2/issues/1530 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •

CVE-2021-24036
https://notcve.org/view.php?id=CVE-2021-24036
23 Jul 2021 — Passing an attacker-controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. • https://github.com/facebook/folly/commit/4f304af1411e68851bdd00ef6140e9de4616f7d3 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •

CVE-2021-30791 – Apple macOS ModelIO ABC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30791
23 Jul 2021 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. macOS Big Sur 11.5 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212601 • CWE-125: Out-of-bounds Read •

CVE-2021-30795 – webkitgtk: Use-after-free leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-30795
23 Jul 2021 — Issues addressed include buffer overflow, code execution, cross site scripting, information leakage, integer overflow, traversal, and use-after-free vulnerabilities. • https://packetstorm.news/files/id/163880 • CWE-20: Improper Input Validation CWE-416: Use After Free •

CVE-2021-30804 – Apple Security Advisory 2021-07-21-1
https://notcve.org/view.php?id=CVE-2021-30804
23 Jul 2021 — A malicious application may be able to access my data. ... iOS 14.7 and iPadOS 14.7 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212601 •

CVE-2021-30777 – Apple Security Advisory 2021-07-21-3
https://notcve.org/view.php?id=CVE-2021-30777
23 Jul 2021 — A malicious application may be able to gain root privileges. ... Security Update 2021-004 Catalina addresses buffer overflow, code execution, double free, information leakage, integer overflow, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/HT212600 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVE-2021-30765 – Apple Security Advisory 2021-07-21-3
https://notcve.org/view.php?id=CVE-2021-30765
23 Jul 2021 — An application may be able to execute arbitrary code with kernel privileges. ... Security Update 2021-004 Catalina addresses buffer overflow, code execution, double free, information leakage, integer overflow, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/HT212600 • CWE-787: Out-of-bounds Write •

CVE-2021-30731 – Apple Security Advisory 2021-07-21-3
https://notcve.org/view.php?id=CVE-2021-30731
23 Jul 2021 — An unprivileged application may be able to capture USB devices. ... Security Update 2021-004 Catalina addresses buffer overflow, code execution, double free, information leakage, integer overflow, out of bounds read, and out of bounds write vulnerabilities. • https://github.com/osy/WebcamViewer •

CVE-2021-30763 – Apple Security Advisory 2021-07-21-5
https://notcve.org/view.php?id=CVE-2021-30763
23 Jul 2021 — A shortcut may be able to bypass Internet permission requirements. ... iOS 14.7 and iPadOS 14.7 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212601 • CWE-20: Improper Input Validation •

CVE-2021-30769 – Apple Security Advisory 2021-07-21-5
https://notcve.org/view.php?id=CVE-2021-30769
23 Jul 2021 — A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. ... iOS 14.7 and iPadOS 14.7 addresses buffer overflow, bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212601 • CWE-287: Improper Authentication •