CVE-2021-30663 – Apple Multiple Products WebKit Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-30663
An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un desbordamiento de enteros con una comprobación de entrada mejorada. Este problema es corregido en iOS versión 14.5.1 y iPadOS versión 14.5.1, tvOS versión 14.6, iOS versión 12.5.3, Safari versión 14.1.1, macOS Big Sur versión 11.3.1. • https://support.apple.com/en-us/HT212335 https://support.apple.com/en-us/HT212336 https://support.apple.com/en-us/HT212341 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212534 https://access.redhat.com/security/cve/CVE-2021-30663 https://bugzilla.redhat.com/show_bug.cgi?id=1986872 • CWE-190: Integer Overflow or Wraparound •
CVE-2021-30665 – Apple Multiple Products WebKit Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2021-30665
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. Se abordó un problema de corrupción de la memoria con una administración de estado mejorada. • https://support.apple.com/en-us/HT212335 https://support.apple.com/en-us/HT212336 https://support.apple.com/en-us/HT212339 https://support.apple.com/en-us/HT212341 https://support.apple.com/en-us/HT212532 https://access.redhat.com/security/cve/CVE-2021-30665 https://bugzilla.redhat.com/show_bug.cgi?id=1986874 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVE-2021-1858 – Apple macOS KTX Image DecodeRow Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1858
Processing a maliciously crafted image may lead to arbitrary code execution. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. An out-of-bounds write issue was addressed with improved bounds checking. El procesamiento de una imagen maliciosamente diseñada puede conllevar a una ejecución de código arbitrario. Este problema se corrigió en Security Update 2021-002 Catalina, iOS versión 14.5 e iPadOS versión 14.5, watchOS versión 7.4, tvOS versión 14.5, macOS Big Sur versión 11.3. • https://support.apple.com/en-us/HT212317 https://support.apple.com/en-us/HT212323 https://support.apple.com/en-us/HT212324 https://support.apple.com/en-us/HT212325 https://support.apple.com/en-us/HT212326 • CWE-787: Out-of-bounds Write •
CVE-2021-1864
https://notcve.org/view.php?id=CVE-2021-1864
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. An attacker with JavaScript execution may be able to execute arbitrary code. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema se corrigió en iOS versión 14.5 e iPadOS versión 14.5, watchOS versión 7.4, tvOS versión 14.5. • https://support.apple.com/en-us/HT212317 https://support.apple.com/en-us/HT212323 https://support.apple.com/en-us/HT212324 • CWE-416: Use After Free •
CVE-2021-1881 – Apple macOS libFontParser OTF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1881
An out-of-bounds read was addressed with improved input validation. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted font file may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS versión 14.5 e iPadOS versión 14.5, watchOS versión 7.4, tvOS versión 14.5, macOS Big Sur versión 11.3. • https://support.apple.com/en-us/HT212317 https://support.apple.com/en-us/HT212323 https://support.apple.com/en-us/HT212324 https://support.apple.com/en-us/HT212325 https://support.apple.com/en-us/HT212326 https://support.apple.com/en-us/HT212327 • CWE-125: Out-of-bounds Read •