CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 0CVE-2020-27947 – Apple macOS process_token_AVCDecode Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-27947
16 Dec 2020 — An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212011 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2020-29619 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-29619
16 Dec 2020 —  El procesamiento de una imagen diseñada maliciosamente puede ser capaz de causar daños en el montón. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212003 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2020-27948 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27948
16 Dec 2020 —  El procesamiento de un archivo de audio diseñado malicioso puede conllevar a una ejecución de código arbitraria. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212003 • CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-27901 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27901
16 Dec 2020 —  Un proceso en sandbox puede ser capaz de omitir las restricciones del sandbox. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT211931 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2020-29618 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-29618
16 Dec 2020 —  El procesamiento de una imagen diseñada maliciosamente puede conllevar a una ejecución de código arbitraria. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212003 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 1CVE-2020-29611 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-29611
16 Dec 2020 —  El procesamiento de una imagen diseñada maliciosamente puede conllevar a una ejecución de código arbitraria. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://packetstorm.news/files/id/160547 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 1CVE-2020-27946 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27946
16 Dec 2020 —  El procesamiento de una fuente diseñada maliciosamente puede resultar en una divulgación de la memoria del proceso. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://packetstorm.news/files/id/161297 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-9971 – Apple Security Advisory 2020-12-14-4
https://notcve.org/view.php?id=CVE-2020-9971
16 Dec 2020 —  Una aplicación maliciosa puede elevar los privilegios. macOS Big Sur 11.0.1 addresses buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, path sanitization, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT211843 •
CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0CVE-2020-29621 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-29621
16 Dec 2020 —  Una aplicación maliciosa puede omitir las preferencias de privacidad. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT212011 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 1CVE-2020-27949 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27949
16 Dec 2020 —  Una aplicación maliciosa puede causar cambios inesperados en la memoria que pertenece a los procesos rastreados por DTrace. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://github.com/seemoo-lab/dtrace-memaccess_cve-2020-27949 •