CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-1867 – Apple Security Advisory 2021-04-26-2
https://notcve.org/view.php?id=CVE-2021-1867
28 Apr 2021 — Una aplicación maliciosa puede ser capaz de ejecutar código arbitrario con privilegios del kernel macOS Big Sur 11.3 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212317 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-1814 – Apple macOS ImageIO DDS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1814
28 Apr 2021 — An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. macOS Big Sur 11.3 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212324 •
CVSS: 10.0EPSS: 57%CPEs: 10EXPL: 2CVE-2021-30657 – Apple macOS Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2021-30657
28 Apr 2021 — Apple presenta conocimiento de un informe que indica que este problema puede haber sido explotado activamente macOS Big Sur 11.3 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://packetstorm.news/files/id/162504 • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-30661 – Apple Multiple Products WebKit Storage Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-30661
28 Apr 2021 — An attacker can execute arbitrary code on the system by persuading a victim to visit a specially crafted Web site. macOS Big Sur 11.3 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212317 • CWE-20: Improper Input Validation CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25032 – unbound: integer overflow in the regional allocator via regional_alloc
https://notcve.org/view.php?id=CVE-2019-25032
27 Apr 2021 — Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. ... An integer overflow in regional_alloc function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker and can be big enough. ... Issues addressed include denial of service and integer overflow vulnerabilities. • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25033 – unbound: integer overflow in the regional allocator via the ALIGN_UP macro
https://notcve.org/view.php?id=CVE-2019-25033
27 Apr 2021 — Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. ... An integer overflow in the regional allocator via the ALIGN_UP macro may lead to a buffer overflow if the size can be controlled by an attacker. ... Issues addressed include an integer overflow vulnerability. • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25034 – unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write
https://notcve.org/view.php?id=CVE-2019-25034
27 Apr 2021 — Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. ... An integer overflow in the sldns_str2wire_dname_buf_origin function may lead to a buffer overflow. ... Issues addressed include denial of service and integer overflow vulnerabilities. • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25035 – unbound: out-of-bounds write in sldns_bget_token_par
https://notcve.org/view.php?id=CVE-2019-25035
27 Apr 2021 — Issues addressed include denial of service and integer overflow vulnerabilities. • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25036 – unbound: assertion failure and denial of service in synth_cname
https://notcve.org/view.php?id=CVE-2019-25036
27 Apr 2021 — Issues addressed include denial of service and integer overflow vulnerabilities. • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-617: Reachable Assertion CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25037 – unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet
https://notcve.org/view.php?id=CVE-2019-25037
27 Apr 2021 — Issues addressed include denial of service and integer overflow vulnerabilities. • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-617: Reachable Assertion •