Total
32339 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30678 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | |||||
| CVE-2021-30677 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
| This issue was addressed with improved environment sanitization. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to break out of its sandbox. | |||||
| CVE-2021-30676 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 6.6 MEDIUM | 7.1 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A local user may be able to cause unexpected system termination or read kernel memory. | |||||
| CVE-2021-30674 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in iOS 14.6 and iPadOS 14.6. A malicious application may disclose restricted memory. | |||||
| CVE-2021-30673 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. A malicious application may be able to access a user's call history. | |||||
| CVE-2021-30662 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 6.8 MEDIUM | 7.3 HIGH |
| This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. Processing a maliciously crafted file may lead to arbitrary code execution. | |||||
| CVE-2021-30659 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A validation issue was addressed with improved logic. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, macOS Big Sur 11.3. A malicious application may be able to leak sensitive user information. | |||||
| CVE-2021-30656 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| An access issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to determine kernel memory layout. | |||||
| CVE-2021-30655 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An application may be able to execute arbitrary code with system privileges. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. The issue was addressed with improved permissions logic. | |||||
| CVE-2021-30654 | 1 Apple | 1 Garageband | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information. | |||||
| CVE-2021-30653 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-30651 | 1 Broadcom | 1 Symantec Messaging Gateway | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access. | |||||
| CVE-2021-30620 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink | |||||
| CVE-2021-30618 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Chromium: CVE-2021-30618 Inappropriate implementation in DevTools | |||||
| CVE-2021-30617 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Chromium: CVE-2021-30617 Policy bypass in Blink | |||||
| CVE-2021-30615 | 2 Fedoraproject, Microsoft | 3 Fedora, Edge, Edge Chromium | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Chromium: CVE-2021-30615 Cross-origin data leak in Navigation | |||||
| CVE-2021-30587 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2021-30582 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2021-30502 | 1 Simple Glasgow Haskell Compiler Project | 1 Simple Glasgow Haskell Compiler | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The unofficial vscode-ghc-simple (aka Simple Glasgow Haskell Compiler) extension before 0.2.3 for Visual Studio Code allows remote code execution via a crafted workspace configuration with replCommand. | |||||
| CVE-2021-30496 | 1 Telegram | 1 Telegram | 2024-11-21 | 3.5 LOW | 5.7 MEDIUM |
| The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework. NOTE: the vendor's perspective is that "this behavior can't be considered a vulnerability." | |||||