CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-30752
https://notcve.org/view.php?id=CVE-2021-30752
Processing a maliciously crafted image may lead to arbitrary code execution. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An out-of-bounds read was addressed with improved input validation. El procesamiento de una imagen maliciosamente diseñada puede conllevar a una ejecución de código arbitrario. Este problema se corrigió en macOS Big Sur versión 11.3, iOS versión 14.5 e iPadOS versión 14.5, watchOS versión 7.4, tvOS versión 14.5. • https://support.apple.com/en-us/HT212317 https://support.apple.com/en-us/HT212323 https://support.apple.com/en-us/HT212324 https://support.apple.com/en-us/HT212325 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2021-31010 – Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-31010
A deserialization issue was addressed through improved validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 12.5.5, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report that this issue may have been actively exploited at the time of release.. Se ha solucionado un problema de deserialización mediante una validación mejorada. • https://support.apple.com/en-us/HT212804 https://support.apple.com/en-us/HT212805 https://support.apple.com/en-us/HT212806 https://support.apple.com/en-us/HT212807 https://support.apple.com/en-us/HT212824 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-31008
https://notcve.org/view.php?id=CVE-2021-31008
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 15.1, tvOS 15.1, iOS 15 and iPadOS 15, macOS Monterey 12.0.1, watchOS 8.1. Processing maliciously crafted web content may lead to code execution. Se ha solucionado un problema de confusión de tipos con un mejor manejo de la memoria. Este problema se ha solucionado en Safari 15.1, tvOS 15.1, iOS 15 y iPadOS 15, macOS Monterey 12.0.1, watchOS 8.1. • https://support.apple.com/en-us/HT212814 https://support.apple.com/en-us/HT212869 https://support.apple.com/en-us/HT212874 https://support.apple.com/en-us/HT212875 https://support.apple.com/en-us/HT212876 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-31007
https://notcve.org/view.php?id=CVE-2021-31007
Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.1 and iPadOS 15.1, tvOS 15.1, macOS Big Sur 11.6.2, watchOS 8.1, macOS Monterey 12.1. A malicious application may be able to bypass Privacy preferences. Descripción: Se ha solucionado un problema de permisos con una validación mejorada. Este problema se ha solucionado en iOS 15.1 y iPadOS 15.1, tvOS 15.1, macOS Big Sur 11.6.2, watchOS 8.1, macOS Monterey 12.1. • https://support.apple.com/en-us/HT212867 https://support.apple.com/en-us/HT212874 https://support.apple.com/en-us/HT212876 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212979 • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-31006
https://notcve.org/view.php?id=CVE-2021-31006
Description: A permissions issue was addressed with improved validation. This issue is fixed in watchOS 7.6, tvOS 14.7, macOS Big Sur 11.5. A malicious application may be able to bypass certain Privacy preferences. Descripción: Se ha solucionado un problema de permisos con una validación mejorada. Este problema se ha solucionado en watchOS 7.6, tvOS 14.7 y macOS Big Sur 11.5. • https://support.apple.com/en-us/HT212602 https://support.apple.com/en-us/HT212604 https://support.apple.com/en-us/HT212605 • CWE-276: Incorrect Default Permissions •