
CVE-2020-9956 – Apple macOS libFontParser TTF Font Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-9956
09 Dec 2020 — An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT211843 • CWE-125: Out-of-bounds Read •

CVE-2020-9955 – Apple macOS KTX Image DecodeRow Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-9955
09 Dec 2020 — An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. macOS Big Sur 11.0.1 addresses buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, path sanitization, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT211843 • CWE-787: Out-of-bounds Write •

CVE-2020-27907 – Apple macOS process_token_GenerateMipmaps Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-27907
09 Dec 2020 — An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT211931 • CWE-787: Out-of-bounds Write •

CVE-2020-27896 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27896
08 Dec 2020 — A remote attacker can modify the file system. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2020/Dec/26 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2020-27906 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27906
08 Dec 2020 — Multiple integer overflows were addressed with improved input validation. ... A remote attacker may be able to cause unexpected application termination or stack corruption. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2020/Dec/26 • CWE-190: Integer Overflow or Wraparound • CWE-787: Out-of-bounds Write •

CVE-2020-27898 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27898
08 Dec 2020 — An attacker may be able to bypass Managed Frame Protection. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2020/Dec/26 • CWE-252: Unchecked Return Value •

CVE-2020-27904 – Apple Security Advisory 2020-12-14-4
https://notcve.org/view.php?id=CVE-2020-27904
08 Dec 2020 — An application can execute arbitrary code with kernel privileges. macOS Big Sur 11.2, Security Update 2021-001 Catalina, and Security Update 2021-001 Mojave address buffer overflow, bypass, code execution, denial of service, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://github.com/pattern-f/xattr-oob-swap •

CVE-2020-27903 – Apple Security Advisory 2020-12-14-3
https://notcve.org/view.php?id=CVE-2020-27903
08 Dec 2020 — An application can gain elevated privileges. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2020/Dec/26 •

CVE-2020-27900 – Apple Security Advisory 2020-12-14-4
https://notcve.org/view.php?id=CVE-2020-27900
08 Dec 2020 — A malicious application may be able to preview files it does not have access to. macOS Big Sur 11.0.1 addresses buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, path sanitization, spoofing, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2020/Dec/32 •

CVE-2020-27894 – Apple Security Advisory 2020-12-14-4
https://notcve.org/view.php?id=CVE-2020-27894
08 Dec 2020 — Users cannot remove the metadata indicating where files were downloaded from. macOS Big Sur 11.0.1 addresses buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, path sanitization, spoofing, and use-after-free vulnerabilities. • http://seclists.org/fulldisclosure/2020/Dec/32 •