CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 0CVE-2021-30694 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30694
An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents. Se abordó un problema de divulgación de información con una administración de estado mejorada. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 •
CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 0CVE-2021-30695 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30695
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents. Se abordó un problema de lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 34EXPL: 0CVE-2021-30697
https://notcve.org/view.php?id=CVE-2021-30697
A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local user may be able to leak sensitive user information. Se abordó un problema lógico con una administración de estado mejorada. Este problema es corregido en tvOS versión 14.6, Security Update 2021-004 Mojave, iOS versión 14.6 y iPadOS versión 14.6, Security Update 2021-003 Catalina, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212533 •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-30684
https://notcve.org/view.php?id=CVE-2021-30684
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A remote attacker may cause an unexpected application termination or arbitrary code execution. Se abordó un problema lógico con una administración de estado mejorada. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina. • https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 •
CVSS: 9.3EPSS: 0%CPEs: 33EXPL: 0CVE-2021-30681
https://notcve.org/view.php?id=CVE-2021-30681
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to gain root privileges. Se presentó un problema de comprobación en el manejo de los enlaces simbólicos. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 https://support.apple.com/en-us/HT212533 • CWE-20: Improper Input Validation •