CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-30848 – webkitgtk: Memory corruption issue leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-30848
22 Sep 2021 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. Se abordó un problema de corrupción de memoria con un manejo de memoria mejorado. Este problema es corregido en iOS versión 14.8 y iPadOS versión 14.8, Safari versión 15, iOS versión 15 y iPadOS versión 15. • https://packetstorm.news/files/id/164517 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 1CVE-2021-30849 – webkitgtk: Multiple memory corruption issue leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-30849
22 Sep 2021 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. Se han abordado múltiples problemas de corrupción de memoria con un manejo de memoria mejorado. Este problema es corregido en iOS versión 14.8 y iPadOS versión 14.8, watchOS versión 8, Safari versión 15, tvOS versión 15, iO... • https://packetstorm.news/files/id/164518 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30826 – Apple Security Advisory 2021-10-26-9
https://notcve.org/view.php?id=CVE-2021-30826
22 Sep 2021 — A logic issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15. In certain situations, the baseband would fail to enable integrity and ciphering protection. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en iOS versión 15 y iPadOS versión 15. • http://seclists.org/fulldisclosure/2021/Oct/61 •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-1812
https://notcve.org/view.php?id=CVE-2021-1812
08 Sep 2021 — A logic issue was addressed with improved validation. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to execute arbitrary code with system privileges. Se abordó un problema lógico con una comprobación mejorada. Este problema se corrigió en iOS versión 14.5 e iPadOS versión 14.5. • https://support.apple.com/en-us/HT212317 •
CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2021-1770
https://notcve.org/view.php?id=CVE-2021-1770
08 Sep 2021 — A buffer overflow may result in arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A logic issue was addressed with improved state management. Un desbordamiento de búfer puede resultar en una ejecución de código arbitrario. Este problema se corrigió en macOS Big Sur versión 11.3, iOS versión 14.5 e iPadOS versión 14.5, watchOS versión 7.4, tvOS versión 14.5. • https://support.apple.com/en-us/HT212317 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-1863
https://notcve.org/view.php?id=CVE-2021-1863
08 Sep 2021 — An issue existed with authenticating the action triggered by an NFC tag. The issue was addressed with improved action authentication. This issue is fixed in iOS 14.5 and iPadOS 14.5. A person with physical access to an iOS device may be able to place phone calls to any phone number. Se presentaba un problema con la autenticación de la acción desencadenada por una etiqueta NFC. • https://support.apple.com/en-us/HT212317 • CWE-287: Improper Authentication •
CVSS: 2.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-1862
https://notcve.org/view.php?id=CVE-2021-1862
08 Sep 2021 — Description: A person with physical access may be able to access contacts. This issue is fixed in iOS 14.5 and iPadOS 14.5. Impact: An issue with Siri search access to information was addressed with improved logic. Descripción: Una persona con acceso físico puede ser capaz de acceder a los contactos. Este problema se corrigió en iOS versión 14.5 e iPadOS versión 14.5. • https://support.apple.com/en-us/HT212317 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-1833
https://notcve.org/view.php?id=CVE-2021-1833
08 Sep 2021 — This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. An application may be able to gain elevated privileges. Se abordó este problema con comprobaciones mejoradas. Este problema se corrigió en iOS versión 14.5 e iPadOS versión 14.5. • https://support.apple.com/en-us/HT212317 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-30664
https://notcve.org/view.php?id=CVE-2021-30664
08 Sep 2021 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing a maliciously crafted file may lead to arbitrary code execution. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Big Sur versión 11.3, iOS versión 14.5 y iPadOS versión 14.5, watchOS versión 7.4, tvOS versión 14.5. • https://support.apple.com/en-us/HT212317 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30762 – Apple iOS WebKit Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-30762
08 Sep 2021 — A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. • https://support.apple.com/en-us/HT212548 • CWE-20: Improper Input Validation CWE-416: Use After Free •