CVE-2020-27942
https://notcve.org/view.php?id=CVE-2020-27942
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Processing a maliciously crafted font file may lead to arbitrary code execution. Se abordó un problema lógico con una administración de estado mejorada. Este problema se corrigió en Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. • https://support.apple.com/en-us/HT212326 https://support.apple.com/en-us/HT212327 •
CVE-2021-1873
https://notcve.org/view.php?id=CVE-2021-1873
An API issue in Accessibility TCC permissions was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to unexpectedly leak a user's credentials from secure text fields. Se abordó un problema de la API en los permisos TCC de accesibilidad con una administración de estado mejorada. Este problema se corrigió en macOS Big Sur versión 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. • https://support.apple.com/en-us/HT212325 https://support.apple.com/en-us/HT212326 https://support.apple.com/en-us/HT212327 •
CVE-2021-1876
https://notcve.org/view.php?id=CVE-2021-1876
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema se corrigió en macOS Big Sur versión 11.3, Security Update 2021-002 Catalina y Security Update 2021-003 Mojave. • https://support.apple.com/en-us/HT212325 https://support.apple.com/en-us/HT212326 https://support.apple.com/en-us/HT212327 • CWE-416: Use After Free •
CVE-2021-1857
https://notcve.org/view.php?id=CVE-2021-1857
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may disclose sensitive user information. Se abordó un problema de inicialización de memoria con un manejo de la memoria mejorada. Este problema se corrigió en iTunes versión 12.11.3 para Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud para Windows versión 12.3, macOS Big Sur versión 11.3, watchOS versión 7.4, tvOS versión 14.5, iOS versión 14.5 e iPadOS versión 14.5. • https://support.apple.com/en-us/HT212317 https://support.apple.com/en-us/HT212319 https://support.apple.com/en-us/HT212321 https://support.apple.com/en-us/HT212323 https://support.apple.com/en-us/HT212324 https://support.apple.com/en-us/HT212325 https://support.apple.com/en-us/HT212326 https://support.apple.com/en-us/HT212327 • CWE-665: Improper Initialization •
CVE-2021-1834 – Apple macOS AppleIntelKBLGraphics IOCTL 0x30002 Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-1834
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada . Este problema se corrigió en macOS Big Sur versión 11.3, Security Update 2021-002 Catalina y Security Update 2021-003 Mojave. • https://support.apple.com/en-us/HT212325 https://support.apple.com/en-us/HT212326 https://support.apple.com/en-us/HT212327 • CWE-787: Out-of-bounds Write •