CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-30964
https://notcve.org/view.php?id=CVE-2021-30964
An inherited permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2. A malicious application may be able to bypass Privacy preferences. Se abordó un problema de permisos heredados con restricciones adicionales. Este problema es corregido en macOS Monterey versión 12.1, watchOS versión 8.3, iOS versión 15.2 e iPadOS versión 15.2. • https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30960
https://notcve.org/view.php?id=CVE-2021-30960
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Parsing a maliciously crafted audio file may lead to disclosure of user information. Se abordó un problema de desbordamiento del búfer con una administración de la memoria mejorada. Este problema es corregido en macOS Monterey versión 12.1, watchOS versión 8.3, iOS versión 15.2 e iPadOS versión 15.2, tvOS versión 15.2. • https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212980 https://support.apple.com/kb/HT213055 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2021-30958
https://notcve.org/view.php?id=CVE-2021-30958
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Playing a malicious audio file may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en macOS Big Sur versión 11.6.2, tvOS versión 15.2, macOS Monterey versión 12.1, Security Update 2021-008 Catalina, iOS versión 15.2 e iPadOS versión 15.2, watchOS versión 8.3. • https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212979 https://support.apple.com/en-us/HT212980 https://support.apple.com/en-us/HT212981 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30957
https://notcve.org/view.php?id=CVE-2021-30957
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Processing a maliciously crafted audio file may lead to arbitrary code execution. Se abordó un problema de desbordamiento del búfer con una administración de la memoria mejorada. Este problema es corregido en macOS Monterey versión 12.1, watchOS versión 8.3, iOS versión 15.2 e iPadOS versión 15.2, tvOS versión 15.2. • https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212980 https://support.apple.com/kb/HT212979 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.6EPSS: 0%CPEs: 5EXPL: 3CVE-2021-30955
https://notcve.org/view.php?id=CVE-2021-30955
A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó una condición de carrera con un manejo de estado mejorado. Este problema es corregido en macOS Monterey versión 12.1, watchOS versión 8.3, iOS versión 15.2 e iPadOS versión 15.2, tvOS versión 15.2. • https://github.com/verygenericname/CVE-2021-30955-POC-IPA https://github.com/timb-machine-mirrors/jakeajames-CVE-2021-30955 https://github.com/nickorlow/CVE-2021-30955-POC https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212980 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •