Apple

macOS

2701 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-30827

  • EPSS 0.03%
  • Veröffentlicht 19.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:04:47

A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local attacker may be able to elevate their privileges.

5.5

CVE-2021-30828

  • EPSS 0.04%
  • Veröffentlicht 19.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:04:47

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to read arbitrary files as root.

7.8

CVE-2021-30829

  • EPSS 0.04%
  • Veröffentlicht 19.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:04:47

A URI parsing issue was addressed with improved parsing. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to execute arbitrary files.

9.3

CVE-2021-30830

  • EPSS 0.2%
  • Veröffentlicht 19.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:04:47

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges.

7.5

CVE-2021-22946

Exploit
  • EPSS 0.06%
  • Veröffentlicht 29.09.2021 20:15:08
  • Zuletzt bearbeitet 16.04.2026 15:16:44

A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This ...

5.9

CVE-2021-22947

Exploit
  • EPSS 0.25%
  • Veröffentlicht 29.09.2021 20:15:08
  • Zuletzt bearbeitet 16.04.2026 15:16:44

When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not ...

9.1

CVE-2021-22945

Exploit
  • EPSS 0.35%
  • Veröffentlicht 23.09.2021 13:15:08
  • Zuletzt bearbeitet 09.06.2025 15:15:25

When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.

8.8

CVE-2021-39537

Exploit
  • EPSS 0.37%
  • Veröffentlicht 20.09.2021 16:15:12
  • Zuletzt bearbeitet 21.11.2024 06:19:38

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

5.9

CVE-2021-30716

  • EPSS 0.65%
  • Veröffentlicht 08.09.2021 15:15:16
  • Zuletzt bearbeitet 21.11.2024 06:04:30

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to perform denial of s...

8.1

CVE-2021-30717

  • EPSS 0.89%
  • Veröffentlicht 08.09.2021 15:15:16
  • Zuletzt bearbeitet 21.11.2024 06:04:30

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to execute...