CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-1844 – webkitgtk: Memory corruption issue leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-1844
09 Mar 2021 — A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con una comprobación mejorada. Este problema es corregido en iOS versión 14.4.1 y iPadOS versión 14.4.1, Safari versión 14.0.3 (versiones v.14610.4.3.1.7 y 15610.4.3.1.7),... • http://seclists.org/fulldisclosure/2021/Apr/55 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 2%CPEs: 38EXPL: 2CVE-2021-23841 – Null pointer deref in X509_issuer_and_serial_hash()
https://notcve.org/view.php?id=CVE-2021-23841
16 Feb 2021 — The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never di... • https://github.com/Trinadh465/external_boringssl_openssl_1.1.0g_CVE-2021-23841 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 1CVE-2020-29624 – Apple CoreText libFontParser.dylib Stack Corruption
https://notcve.org/view.php?id=CVE-2020-29624
05 Feb 2021 — A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary code execution. Se presentó un problema de corrupción de memoria en un procesamiento de archivos de fuentes. • https://packetstorm.news/files/id/161299 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2021-1768 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1768
02 Feb 2021 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Big Sur versión 11.2, Security Update 2021-001 Catalina, Security Up... • https://support.apple.com/en-us/HT212146 • CWE-125: Out-of-bounds Read •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2021-1780 – Apple Security Advisory 2021-02-01-2
https://notcve.org/view.php?id=CVE-2021-1780
02 Feb 2021 — A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 14.4 and iPadOS 14.4. An attacker in a privileged position may be able to perform a denial of service attack. Se abordó un problema de inicialización de la memoria con un manejo de la memoria mejorado. Este problema es corregido en iOS versión 14.4 y iPadOS versión 14.4. • https://support.apple.com/en-us/HT212146 • CWE-665: Improper Initialization •
CVSS: 9.3EPSS: 0%CPEs: 19EXPL: 0CVE-2021-1763 – Apple macOS ModelIO USD Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-1763
02 Feb 2021 — A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Se abordó un desbordamiento del búfer con una comprobación de límites mejorada. Este problema es corregido en macOS Big Sur versión 11.2, Security Update 2021-001 Catalina, Security Update ... • https://support.apple.com/en-us/HT212146 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2021-1762 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-1762
02 Feb 2021 — An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Se abordó una escritura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en iOS versión 14.4 e iPadOS versión 14.4, macOS Big Sur versión 11.2, Security... • https://support.apple.com/en-us/HT212146 • CWE-787: Out-of-bounds Write •
CVSS: 2.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-1756 – Apple Security Advisory 2021-02-01-2
https://notcve.org/view.php?id=CVE-2021-1756
02 Feb 2021 — A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 14.4 and iPadOS 14.4. An attacker with physical access to a device may be able to see private contact information. Un problema de la pantalla de bloqueo permitió el acceso a los contactos en un dispositivo bloqueado. • https://support.apple.com/en-us/HT212146 •
CVSS: 9.3EPSS: 0%CPEs: 19EXPL: 0CVE-2021-1767 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1767
02 Feb 2021 — This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to heap corruption. Este problema es abordado con una comprobación de la entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS versión 14.4 y iPadOS versión 14.4. • https://support.apple.com/en-us/HT212146 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 20EXPL: 0CVE-2021-1745 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1745
02 Feb 2021 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de la entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.2, Security Update 2021-001 Catalina, Securit... • https://support.apple.com/en-us/HT212146 • CWE-125: Out-of-bounds Read •