CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-27920 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27920
16 Dec 2020 — A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing maliciously crafted web content may lead to code execution. Se abordó un problema de uso de la memoria previamente liberada con una administración de la memoria mejorada. Este problema es corregido en macOS Big Sur versión 11.1, Security Updat... • https://support.apple.com/en-us/HT211928 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-27921 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27921
16 Dec 2020 — A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges. Se abordó una condición de carrera con un manejo del estado mejorado. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur versión 11.0.1. • https://support.apple.com/en-us/HT211931 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-27922 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27922
16 Dec 2020 — A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing a maliciously crafted font file may lead to arbitrary code execution. Se abordó un problema de lógica con una administración de estado mejorada. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Security Update... • https://support.apple.com/en-us/HT211928 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-27923 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27923
16 Dec 2020 — An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó una escritura fuera de límites con una comprobación de la entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina,... • https://support.apple.com/en-us/HT211928 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-27924 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27924
16 Dec 2020 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de la entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Se... • https://support.apple.com/en-us/HT211928 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0CVE-2020-10009 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-10009
08 Dec 2020 — A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A sandboxed process may be able to circumvent sandbox restrictions. Se abordó un problema lógico con una administración de estado mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/26 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10006 – Apple Security Advisory 2020-12-14-4
https://notcve.org/view.php?id=CVE-2020-10006
08 Dec 2020 — This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to access restricted files. Este problema es abordado con unos derechos mejorados. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/32 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9945 – Apple Security Advisory 2020-12-14-4
https://notcve.org/view.php?id=CVE-2020-9945
08 Dec 2020 — A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, Safari 14.0.1. Visiting a malicious website may lead to address bar spoofing. Se presentaba un problema de "spoofing" en el manejo de las URL. • http://seclists.org/fulldisclosure/2020/Dec/32 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9942 – Apple Security Advisory 2020-12-14-4
https://notcve.org/view.php?id=CVE-2020-9942
08 Dec 2020 — An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, Safari 13.1.2. Visiting a malicious website may lead to address bar spoofing. Se abordó un problema de inconsistencia de la interfaz de usuario con una administración de estado mejorada. Este problema se corrigió en MacOS Big Sur versión 11.0.1, Safari versión 13.1.2. • http://seclists.org/fulldisclosure/2020/Dec/32 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-9999 – Apple macOS CoreText MorxLigatureSubtableBuilder TTF Parsing Out-of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-9999
08 Dec 2020 — A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution. Se abordó un problema de corrupción de la memoria con una administración de estado mejorada. Este problema se corrigió en MacOS Big Sur versión 11.0.1, iTunes para Windows versión 12.10.9. • http://seclists.org/fulldisclosure/2020/Dec/32 • CWE-787: Out-of-bounds Write •