Apple

macOS

2323 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2021-30811

  • EPSS 0.1%
  • Veröffentlicht 19.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:04:45

This issue was addressed with improved checks. This issue is fixed in iOS 15 and iPadOS 15, watchOS 8. A local attacker may be able to read sensitive information.

5.5

CVE-2021-30819

  • EPSS 0.25%
  • Veröffentlicht 19.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:04:46

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 15 and iPadOS 15. Processing a maliciously crafted USD file may disclose memory contents.

7.8

CVE-2021-30827

  • EPSS 0.03%
  • Veröffentlicht 19.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:04:47

A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges.

5.5

CVE-2021-30828

  • EPSS 0.04%
  • Veröffentlicht 19.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:04:47

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to read arbitrary files as root.

7.8

CVE-2021-30829

  • EPSS 0.04%
  • Veröffentlicht 19.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:04:47

A URI parsing issue was addressed with improved parsing. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to execute arbitrary files.

9.3

CVE-2021-30830

  • EPSS 0.2%
  • Veröffentlicht 19.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:04:47

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges.

7.5

CVE-2021-22946

Exploit
  • EPSS 0.07%
  • Veröffentlicht 29.09.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:50:59

A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This ...

5.9

CVE-2021-22947

Exploit
  • EPSS 0.19%
  • Veröffentlicht 29.09.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:50:59

When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not ...

9.1

CVE-2021-22945

Exploit
  • EPSS 0.35%
  • Veröffentlicht 23.09.2021 13:15:08
  • Zuletzt bearbeitet 09.06.2025 15:15:25

When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.

8.8

CVE-2021-39537

Exploit
  • EPSS 0.32%
  • Veröffentlicht 20.09.2021 16:15:12
  • Zuletzt bearbeitet 21.11.2024 06:19:38

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.