CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0CVE-2021-30707 – Apple macOS AudioToolboxCore RF64 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30707
26 May 2021 — This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted audio file may lead to arbitrary code execution. Se abordó este problema con comprobaciones mejoradas. Este problema es corregido en macOS Big Sur versión 11.4, tvOS versión 14.6, watchOS versión 7.5, iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2021-30708 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30708
26 May 2021 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, Security Update... • https://support.apple.com/en-us/HT212528 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 0CVE-2021-30709 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30709
26 May 2021 — This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents. Se abordó este problema con comprobaciones mejoradas. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 •
CVSS: 7.1EPSS: 0%CPEs: 34EXPL: 0CVE-2021-30710 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2021-30710
26 May 2021 — A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A malicious application may cause a denial of service or potentially disclose memory contents. Se abordó un problema de corrupción de la memoria con una administración de estado mejorada. Este problema es corregido en tvOS versión 14.6, Security Update 2021-004 Mojave, iOS versi... • https://support.apple.com/en-us/HT212528 • CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30714 – Apple Security Advisory 2021-05-25-1
https://notcve.org/view.php?id=CVE-2021-30714
26 May 2021 — A race condition was addressed with improved state handling. This issue is fixed in iOS 14.6 and iPadOS 14.6. An application may be able to cause unexpected system termination or write kernel memory. Se abordó una condición de carrera con un manejo de estado mejorada. Este problema es corregido en iOS versión 14.6 y iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2021-30715 – Apple Security Advisory 2021-05-25-4
https://notcve.org/view.php?id=CVE-2021-30715
26 May 2021 — A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. Processing a maliciously crafted message may lead to a denial of service. Se abordó un problema lógico con una administración de estado mejorada. Este problema es corregido en tvOS versión 14.6, iOS versión 14.6 y iPadOS versión 14.6, Security Update 2021-003 Catalina, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30720 – webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers
https://notcve.org/view.php?id=CVE-2021-30720
26 May 2021 — A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. Se abordó un problema lógico con restricciones mejoradas. Este problema se corrigió en tvOS versión 14.6, iOS versión 14.6 e iPadOS versión 14.6, Safari versión 14.1.1, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 • CWE-20: Improper Input Validation CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 0CVE-2021-30723 – Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30723
26 May 2021 — An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents. Se abordó un problema de divulgación de información con una administración de estado mejorada. Este problema se corrigió en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS v... • https://support.apple.com/en-us/HT212528 •
CVSS: 7.8EPSS: 0%CPEs: 33EXPL: 0CVE-2021-30724 – Apple macOS CVMServer Integer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-30724
26 May 2021 — This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local attacker may be able to elevate their privileges. Este problema se abordó con comprobaciones mejoradas. Este problema se corrigió en tvOS versión 14.6, Security Update 2021-004 Mojave, iOS versión 14.6 e iPadOS versión 14.6, Security Update 2021-003 Catalina, macOS Big Sur versión 11.4, watchOS ... • https://support.apple.com/en-us/HT212528 •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2021-30725 – Apple macOS ModelIO USD Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30725
26 May 2021 — A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Se abordó un problema de corrupción de la memoria con una administración de estado mejorada. Este problema se corrigió en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina, ... • https://support.apple.com/en-us/HT212528 • CWE-787: Out-of-bounds Write •