CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2021-30682 – webkitgtk: Logic issue leading to leak of sensitive user information
https://notcve.org/view.php?id=CVE-2021-30682
26 May 2021 — A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. Se abordó un problema lógico con restricciones mejoradas. Este problema es corregido en tvOS versión 14.6, iOS versión 14.6 y iPadOS versión 14.6, Safari versión 14.1.1, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://github.com/threatnix/csp-playground • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 36EXPL: 0CVE-2021-30677
https://notcve.org/view.php?id=CVE-2021-30677
26 May 2021 — This issue was addressed with improved environment sanitization. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to break out of its sandbox. Se abordó este problema con un saneamiento del entorno mejorado. Este problema es corregido en tvOS versión 14.6, iOS versión 14.6 y iPadOS versión 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave,... • https://support.apple.com/en-us/HT212528 •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2021-30686 – Apple macOS AudioCodecs LOAS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30686
26 May 2021 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted audio file may disclose restricted memory. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en tvOS versión 14.6, iOS versión 14.6 y iPadOS versión 14.6, Security Update 2021-003 Catalina, macOS Big Sur versión 11.4, watchOS ... • https://support.apple.com/en-us/HT212528 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 34EXPL: 0CVE-2021-30697
https://notcve.org/view.php?id=CVE-2021-30697
26 May 2021 — A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local user may be able to leak sensitive user information. Se abordó un problema lógico con una administración de estado mejorada. Este problema es corregido en tvOS versión 14.6, Security Update 2021-004 Mojave, iOS versión 14.6 y iPadOS versión 14.6, Security Update 2021-003 Catalina, m... • https://support.apple.com/en-us/HT212528 •
CVSS: 5.5EPSS: 0%CPEs: 34EXPL: 0CVE-2021-30687
https://notcve.org/view.php?id=CVE-2021-30687
26 May 2021 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted image may lead to disclosure of user information. Se abordó un problema de lectura fuera de límites con una comprobación mejorada de los mismos. Este problema es corregido en tvOS versión 14.6, Security Update 2021-004 Mojave, iOS versión 14.6 y iPadO... • https://support.apple.com/en-us/HT212528 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2021-30685 – Apple macOS AudioToolboxCore AAC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30685
26 May 2021 — This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Parsing a maliciously crafted audio file may lead to disclosure of user information. Se abordó este problema con comprobaciones mejoradas. Este problema es corregido en tvOS versión 14.6, iOS versión 14.6 y iPadOS versión 14.6, Security Update 2021-003 Catalina, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 •
CVSS: 5.5EPSS: 0%CPEs: 36EXPL: 1CVE-2021-1883
https://notcve.org/view.php?id=CVE-2021-1883
26 May 2021 — This issue was addressed with improved checks. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted server messages may lead to heap corruption. Este problema es abordado con comprobaciones mejoradas. Este problema se corrigió en Security Update 2021-004 Mojave, iOS versión 14.5 e iPadOS versión 14.5, watchOS versión 7.4, Security Update 2021-003 Catalina, tvOS versión 1... • https://github.com/gabe-k/CVE-2021-1883 • CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 1%CPEs: 34EXPL: 0CVE-2021-1884
https://notcve.org/view.php?id=CVE-2021-1884
26 May 2021 — A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. A remote attacker may be able to cause a denial of service. Se abordó una condición de carrera con un bloqueo mejorado. Este problema es corregido en Security Update 2021-004 Mojave, iOS versión 14.5 y iPadOS versión 14.5, watchOS versión 7.4, Security Update 2021-003 Catalina, tvOS versión 14.5,... • https://support.apple.com/en-us/HT212317 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-30661 – Apple Multiple Products WebKit Storage Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-30661
04 May 2021 — A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de uso de la memoria previamente liberada con una administración de la memoria mejorada. • https://support.apple.com/en-us/HT212317 • CWE-20: Improper Input Validation CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30665 – Apple Multiple Products WebKit Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2021-30665
04 May 2021 — A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de corrupción de la memoria con una administración de estado mejorada. • https://support.apple.com/en-us/HT212335 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •