Page 21 of 1643 results (0.012 seconds)

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. Processing a maliciously crafted font may lead to arbitrary code execution. Se abordó un problema de corrupción de la memoria con una comprobación de entrada mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1, watchOS versión 7.1, iOS versión 12.4.9, watchOS versión 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS versión 14.2 y iPadOS versión 14.2, watchOS versión 5.3.9, macOS Catalina versión 10.15.7 Supplemental Update, macOS Catalina versión 10.15.7 Update. • https://github.com/FunPhishing/Apple-Safari-Remote-Code-Execution-CVE-2020-27930 http://packetstormsecurity.com/files/161294/Apple-Safari-Remote-Code-Execution.html http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211928 https://support.apple.com/en-us/HT211929 https://support.apple.com/en-us/HT211931 https://support.apple.com/en-us/HT211940 https://support.apple.com/en-us/HT211944 https://support.apple.com/en-us/HT211945 https://support.apple. • CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0

A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de confusión de tipos con un manejo de estado mejorado. Este problema se corrigió en macOS Big Sur versión 11.0.1, watchOS versión 7.1, iOS versión 12.4.9, watchOS versión 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS versión 14.2 y iPadOS versión 14.2, watchOS versión 5.3.9, macOS Catalina versión 10.15.7 Supplemental Update, macOS Catalina versión 10.15.7 Update. • http://packetstormsecurity.com/files/161295/XNU-Kernel-Turnstiles-Type-Confusion.html http://seclists.org/fulldisclosure/2020/Dec/32 https://support.apple.com/en-us/HT211928 https://support.apple.com/en-us/HT211929 https://support.apple.com/en-us/HT211931 https://support.apple.com/en-us/HT211940 https://support.apple.com/en-us/HT211944 https://support.apple.com/en-us/HT211945 https://support.apple.com/en-us/HT211946 https://support.apple.com/en-us/HT211947 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.5EPSS: 1%CPEs: 22EXPL: 0

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. El ppp decapsulator en tcpdump versión 4.9.3 puede ser convencido para que asigne una gran cantidad de memoria A flaw was found in tcpdump while printing PPP packets captured in a pcap file or coming from the network. This flaw allows a remote attacker to send specially crafted packets that, when printed, can lead the application to allocate a large amount of memory, resulting in a denial of service. The highest threat from this vulnerability is to system availability. • http://seclists.org/fulldisclosure/2021/Apr/51 https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231 https://lists.debian.org/debian-lts-announce/2020/11/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2MX34MJIUJQGL6CMEPLTKFOOOC3CJ4Z https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWDBONZVLC6BAOR2KM376DJCM4H3FERV https://support.apple.com/kb/HT212325 https://support.apple.com/kb/HT212326 h • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0

A logic issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iOS 12.4.3, watchOS 6.1, iOS 13.2 and iPadOS 13.2. AirDrop transfers may be unexpectedly accepted while in Everyone mode. Se abordó un problema lógico con una comprobación mejorada. Este problema se corrigió en macOS Catalina versión 10.15.1, Security Update 2019-001 y Security Update 2019-006, iOS versión 12.4.3, watchOS versión 6.1, iOS versión 13.2 y iPadOS versión 13.2. • https://support.apple.com/en-us/HT210721 https://support.apple.com/en-us/HT210722 https://support.apple.com/en-us/HT210724 https://support.apple.com/en-us/HT211134 •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An untrusted radius server certificate may be trusted. Se presentó un problema de comprobación en Trust Anchor Management. • https://support.apple.com/en-us/HT209599 https://support.apple.com/en-us/HT209600 https://support.apple.com/en-us/HT209602 • CWE-295: Improper Certificate Validation •