Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-30713 | 1 Apple | 2 Mac Os X, Macos | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited.. | |||||
CVE-2021-30709 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2022-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents. | |||||
CVE-2021-30688 | 1 Apple | 2 Mac Os X, Macos | 2022-07-12 | 4.6 MEDIUM | 8.8 HIGH |
A malicious application may be able to break out of its sandbox. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A path handling issue was addressed with improved validation. | |||||
CVE-2021-30673 | 1 Apple | 2 Mac Os X, Macos | 2022-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A malicious application may be able to access a user's call history. | |||||
CVE-2021-30666 | 1 Apple | 1 Iphone Os | 2022-07-12 | 6.8 MEDIUM | 8.8 HIGH |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. | |||||
CVE-2021-30657 | 1 Apple | 2 Mac Os X, Macos | 2022-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.. | |||||
CVE-2021-30656 | 1 Apple | 2 Ipados, Iphone Os | 2022-07-12 | 7.1 HIGH | 5.5 MEDIUM |
An access issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to determine kernel memory layout. | |||||
CVE-2021-22004 | 3 Fedoraproject, Microsoft, Saltstack | 3 Fedora, Windows, Salt | 2022-07-12 | 4.4 MEDIUM | 6.4 MEDIUM |
An issue was discovered in SaltStack Salt before 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion software. | |||||
CVE-2021-21996 | 3 Debian, Fedoraproject, Saltstack | 3 Debian Linux, Fedora, Salt | 2022-07-12 | 7.1 HIGH | 7.5 HIGH |
An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion. | |||||
CVE-2021-1873 | 1 Apple | 2 Mac Os X, Macos | 2022-07-12 | 4.3 MEDIUM | 6.5 MEDIUM |
An API issue in Accessibility TCC permissions was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to unexpectedly leak a user's credentials from secure text fields. | |||||
CVE-2021-1861 | 1 Apple | 1 Macos | 2022-07-12 | 4.3 MEDIUM | 4.3 MEDIUM |
An issue existed in determining cache occupancy. The issue was addressed through improved logic. This issue is fixed in macOS Big Sur 11.3. A malicious website may be able to track users by setting state in a cache. | |||||
CVE-2021-1824 | 1 Apple | 2 Mac Os X, Macos | 2022-07-12 | 4.9 MEDIUM | 4.4 MEDIUM |
This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application with root privileges may be able to access private information. | |||||
CVE-2021-1822 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. A local user may be able to modify protected parts of the file system. | |||||
CVE-2021-1820 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-07-12 | 4.3 MEDIUM | 6.5 MEDIUM |
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing maliciously crafted web content may result in the disclosure of process memory. | |||||
CVE-2021-1807 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2022-07-12 | 4.9 MEDIUM | 5.5 MEDIUM |
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4. A local user may be able to write arbitrary files. | |||||
CVE-2021-1784 | 1 Apple | 2 Mac Os X, Macos | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to modify protected parts of the file system. | |||||
CVE-2021-30803 | 1 Apple | 1 Macos | 2022-07-12 | 4.3 MEDIUM | 3.3 LOW |
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to access a user’s recent Contacts. | |||||
CVE-2021-30798 | 1 Apple | 3 Iphone Os, Macos, Watchos | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences. | |||||
CVE-2021-30783 | 1 Apple | 2 Mac Os X, Macos | 2022-07-12 | 2.1 LOW | 6.5 MEDIUM |
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A sandboxed process may be able to circumvent sandbox restrictions. | |||||
CVE-2021-30776 | 1 Apple | 5 Iphone Os, Mac Os X, Macos and 2 more | 2022-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination. |