Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2021-001:*:*:*:*:*:*
There are 14 matching records.
Displaying matches 1 through 14.
Vuln ID Summary CVSS Severity
CVE-2021-1806

A race condition was addressed with additional validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary code with kernel privileges.

Published: April 02, 2021; 3:15:20 PM -0400
V3.1: 7.0 HIGH
V2.0: 7.6 HIGH
CVE-2021-1805

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary code with kernel privileges.

Published: April 02, 2021; 3:15:20 PM -0400
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2021-1797

The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to read arbitrary files.

Published: April 02, 2021; 3:15:19 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2020-36230

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.

Published: January 26, 2021; 1:15:57 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-36229

A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.

Published: January 26, 2021; 1:15:57 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-36226

A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.

Published: January 26, 2021; 1:15:57 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-36224

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

Published: January 26, 2021; 1:15:56 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-36223

A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).

Published: January 26, 2021; 1:15:56 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-36222

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.

Published: January 26, 2021; 1:15:56 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-36221

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).

Published: January 26, 2021; 1:15:56 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-8286

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

Published: December 14, 2020; 3:15:14 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

Published: December 14, 2020; 3:15:13 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-8037

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.

Published: November 04, 2020; 1:15:20 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-3838

The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.

Published: February 27, 2020; 4:15:16 PM -0500
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH