Apple

macOS

2323 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2021-30866

  • EPSS 0.1%
  • Published 24.08.2021 19:15:14
  • Last modified 21.11.2024 06:04:52

A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in tvOS 15, watchOS 8, iOS 15 and iPadOS 15. A device may be passively tracked by its WiFi MAC address.

5.5

CVE-2021-30867

  • EPSS 0.17%
  • Published 24.08.2021 19:15:14
  • Last modified 21.11.2024 06:04:52

The issue was addressed with improved authentication. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access photo metadata without needing permission to access photos.

8.8

CVE-2021-30851

  • EPSS 0.77%
  • Published 24.08.2021 19:15:13
  • Last modified 21.11.2024 06:04:50

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

8.8

CVE-2021-30852

  • EPSS 0.71%
  • Published 24.08.2021 19:15:13
  • Last modified 21.11.2024 06:04:50

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to arbitrary code execution.

5.5

CVE-2021-30853

  • EPSS 0.07%
  • Published 24.08.2021 19:15:13
  • Last modified 21.11.2024 06:04:50

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6. A malicious application may bypass Gatekeeper checks.

7.5

CVE-2021-36690

Exploit
  • EPSS 0.98%
  • Published 24.08.2021 14:15:09
  • Last modified 21.11.2024 06:13:55

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already ha...

5.3

CVE-2021-22925

Exploit
  • EPSS 0.38%
  • Published 05.08.2021 21:15:11
  • Last modified 21.11.2024 05:50:55

curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be ...

6.5

CVE-2021-36976

  • EPSS 0.11%
  • Published 20.07.2021 07:15:07
  • Last modified 21.11.2024 06:14:25

libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).

7.5

CVE-2020-25709

  • EPSS 12.34%
  • Published 18.05.2021 12:15:07
  • Last modified 21.11.2024 05:18:32

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.

9.3

CVE-2021-1805

  • EPSS 0.26%
  • Published 02.04.2021 19:15:20
  • Last modified 21.11.2024 05:45:08

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitra...