Apple Macos Big Sur vulnerabilities

CVE-2021-30686 [MEDIUM] CVE-2021-30686: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30686 Component: CoreAudio Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30723 [MEDIUM] CVE-2021-30723: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30723 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An information disclosure issue was addressed with improved state management.

CVE-2021-30744 [MEDIUM] CVE-2021-30744: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30744 Component: WebKit Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins.

CVE-2021-30697 [MEDIUM] CVE-2021-30697: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30697 Component: Heimdal Impact: A local user may be able to leak sensitive user information Description: A logic issue was addressed with improved state management.

CVE-2021-30669 [MEDIUM] CVE-2021-30669: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30669 Component: AppleScript Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved state management.

CVE-2021-30722 [MEDIUM] CVE-2021-30722: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30722 Component: Security Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.

CVE-2021-30721 [MEDIUM] CVE-2021-30721: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30721 Component: Security Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.

CVE-2021-30685 [MEDIUM] CVE-2021-30685: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30685 Component: Audio Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: This issue was addressed with improved checks.

CVE-2021-30731 [MEDIUM] CVE-2021-30731: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30731 Component: IOUSBHostFamily Impact: This issue was addressed with improved checks Description: An unprivileged application may be able to capture USB devices.

CVE-2021-30705 [MEDIUM] CVE-2021-30705: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30705 Component: ImageIO Impact: Processing a maliciously crafted ASTC file may disclose memory contents Description: This issue was addressed with improved checks.

CVE-2021-30738 [MEDIUM] CVE-2021-30738: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30738 Component: PackageKit Impact: A malicious application may be able to overwrite arbitrary files Description: An issue with path validation logic for hardlinks was addressed with improved path sanitization.

CVE-2021-30751 [MEDIUM] CVE-2021-30751: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30751 Component: Sandbox Impact: A malicious application may be able to bypass certain Privacy preferences Description: This issue was addressed with improved data protection.

CVE-2021-30718 [MEDIUM] CVE-2021-30718: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30718 Component: SoftwareUpdate Impact: A non-privileged user may be able to modify restricted settings Description: This issue was addressed with improved checks.

CVE-2021-30746 [MEDIUM] CVE-2021-30746: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30746 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30700 [MEDIUM] CVE-2021-30700: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30700 Component: ImageIO Impact: Processing a maliciously crafted image may lead to disclosure of user information Description: This issue was addressed with improved checks.

CVE-2021-30692 [MEDIUM] CVE-2021-30692: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30692 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An information disclosure issue was addressed with improved state management.

CVE-2021-30702 [MEDIUM] CVE-2021-30702: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30702 Component: Login Window Impact: A person with physical access to a Mac may be able to bypass Login Window Description: A logic issue was addressed with improved state management.

CVE-2021-23841 [MEDIUM] CVE-2021-23841: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-23841 Component: WebRTC Impact: A remote attacker may be able to cause a denial of service Description: A null pointer dereference was addressed with improved input validation.

CVE-2021-30756 [MEDIUM] CVE-2021-30756: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30756 Component: MediaRemote Impact: A privacy issue in Now Playing was addressed with improved permissions Description: A local attacker may be able to view Now Playing information from the lock screen.

CVE-2021-30716 [MEDIUM] CVE-2021-30716: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30716 Component: Security Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.