CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-27907 – Apple macOS process_token_GenerateMipmaps Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-27907
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de lógica con unas restricciones mejoradas. Este problema es corregido en macOS Big Sur versión 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur versión 11.0.1. • https://support.apple.com/en-us/HT211931 https://support.apple.com/en-us/HT212011 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0CVE-2020-27896
https://notcve.org/view.php?id=CVE-2020-27896
A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1. A remote attacker may be able to modify the file system. Se abordó un problema de manejo de rutas con una comprobación mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/26 http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212011 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27906
https://notcve.org/view.php?id=CVE-2020-27906
Multiple integer overflows were addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. A remote attacker may be able to cause unexpected application termination or heap corruption. Se abordaron múltiples desbordamientos de enteros con una comprobación de entrada mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/26 http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212011 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27898
https://notcve.org/view.php?id=CVE-2020-27898
A denial of service issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1. An attacker may be able to bypass Managed Frame Protection. Se abordó un problema de denegación de servicio con un manejo de estado mejorado. Este problema se corrigió en macOS Big Sur versión 11.0.1. • http://seclists.org/fulldisclosure/2020/Dec/26 http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212011 • CWE-252: Unchecked Return Value •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27904
https://notcve.org/view.php?id=CVE-2020-27904
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges. Se presentó un problema lógico resultando en una corrupción de la memoria. • http://seclists.org/fulldisclosure/2020/Dec/32 http://seclists.org/fulldisclosure/2021/Feb/14 https://support.apple.com/en-us/HT211931 https://support.apple.com/kb/HT212147 •