CVSS: 7.1EPSS: 0%CPEs: 34EXPL: 0CVE-2021-30710
https://notcve.org/view.php?id=CVE-2021-30710
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A malicious application may cause a denial of service or potentially disclose memory contents. Se abordó un problema de corrupción de la memoria con una administración de estado mejorada. Este problema es corregido en tvOS versión 14.6, Security Update 2021-004 Mojave, iOS versión 14.6 y iPadOS versión 14.6, Security Update 2021-003 Catalina, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212533 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 33EXPL: 0CVE-2021-30724 – Apple macOS CVMServer Integer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-30724
This issue was addressed with improved checks. This issue is fixed in tvOS 14.6, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6, Security Update 2021-003 Catalina, macOS Big Sur 11.4, watchOS 7.5. A local attacker may be able to elevate their privileges. Este problema se abordó con comprobaciones mejoradas. Este problema se corrigió en tvOS versión 14.6, Security Update 2021-004 Mojave, iOS versión 14.6 e iPadOS versión 14.6, Security Update 2021-003 Catalina, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 https://support.apple.com/en-us/HT212531 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212533 •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30734 – Apple Safari Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30734
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de la memoria con un manejo de la memoria mejorada. Este problema se corrigió en tvOS versión 14.6, iOS versión 14.6 e iPadOS versión 14.6, Safari versión 14.1.1, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212533 https://support.apple.com/en-us/HT212534 https://access.redhat.com/security/cve/CVE-2021-30734 https://bugzilla.redhat.com/show_bug.cgi?id=1986886 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30749 – Apple WebKit KeyframeEffect Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30749
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de la memoria con una administración de memoria mejorada. Este problema se corrigió en tvOS versión 14.6, iOS versión 14.6 e iPadOS versión 14.6, Safari versión 14.1.1, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212533 https://support.apple.com/en-us/HT212534 https://access.redhat.com/security/cve/CVE-2021-30749 https://bugzilla.redhat.com/show_bug.cgi?id=1986890 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30720 – webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers
https://notcve.org/view.php?id=CVE-2021-30720
A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. Se abordó un problema lógico con restricciones mejoradas. Este problema se corrigió en tvOS versión 14.6, iOS versión 14.6 e iPadOS versión 14.6, Safari versión 14.1.1, macOS Big Sur versión 11.4, watchOS versión 7.5. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212533 https://support.apple.com/en-us/HT212534 https://access.redhat.com/security/cve/CVE-2021-30720 https://bugzilla.redhat.com/show_bug.cgi?id=1986883 • CWE-20: Improper Input Validation CWE-287: Improper Authentication •