Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:apple:macos:8.5:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-22946 |
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network. Published: September 29, 2021; 4:15:08 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2021-30713 |
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited.. Published: September 08, 2021; 11:15:15 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2021-30706 |
Processing a maliciously crafted image may lead to disclosure of user information. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. This issue was addressed with improved checks. Published: September 08, 2021; 11:15:15 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-30680 |
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4. A local user may be able to load unsigned kernel extensions. Published: September 08, 2021; 11:15:14 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2021-30668 |
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4. A person with physical access to a Mac may be able to bypass Login Window during a software update. Published: September 08, 2021; 11:15:13 AM -0400 |
V4.0:(not available) V3.1: 4.6 MEDIUM V2.0: 2.1 LOW |
CVE-2021-30665 |
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. Published: September 08, 2021; 11:15:13 AM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-1814 |
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, watchOS 7.4. Processing a maliciously crafted image may lead to arbitrary code execution. Published: September 08, 2021; 11:15:09 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-30798 |
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences. Published: September 08, 2021; 10:15:11 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2021-30797 |
This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution. Published: September 08, 2021; 10:15:11 AM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-30792 |
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Processing a maliciously crafted image may lead to arbitrary code execution. Published: September 08, 2021; 10:15:11 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-30791 |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Processing a maliciously crafted file may disclose user information. Published: September 08, 2021; 10:15:11 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-30789 |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution. Published: September 08, 2021; 10:15:11 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-30788 |
This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents. Published: September 08, 2021; 10:15:11 AM -0400 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0: 5.8 MEDIUM |
CVE-2021-30785 |
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted image may lead to arbitrary code execution. Published: September 08, 2021; 10:15:11 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-30784 |
Multiple issues were addressed with improved logic. This issue is fixed in macOS Big Sur 11.5. A local attacker may be able to execute code on the Apple T2 Security Chip. Published: September 08, 2021; 10:15:11 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2021-30779 |
This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing a maliciously crafted image may lead to arbitrary code execution. Published: September 08, 2021; 10:15:10 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-30776 |
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination. Published: September 08, 2021; 10:15:10 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-30775 |
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted audio file may lead to arbitrary code execution. Published: September 08, 2021; 10:15:10 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-30774 |
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. A malicious application may be able to gain root privileges. Published: September 08, 2021; 10:15:10 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2021-30772 |
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to gain root privileges. Published: September 08, 2021; 10:15:10 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 9.3 HIGH |