Apple Macos Big Sur vulnerabilities

CVE-2021-30755 [MEDIUM] CVE-2021-30755: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30755 Component: FontParser Impact: An out-of-bounds read was addressed with improved input validation Description: Processing a maliciously crafted font may result in the disclosure of process memory

CVE-2021-30682 [MEDIUM] CVE-2021-30682: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30682 Component: WebKit Impact: A malicious application may be able to leak sensitive user information Description: A logic issue was addressed with improved restrictions.

CVE-2021-30709 [MEDIUM] CVE-2021-30709: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30709 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: This issue was addressed with improved checks.

CVE-2021-30720 [MEDIUM] CVE-2021-30720: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30720 Component: WebKit Impact: A malicious website may be able to access restricted ports on arbitrary servers Description: A logic issue was addressed with improved restrictions.

CVE-2021-30696 [MEDIUM] CVE-2021-30696: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30696 Component: Mail Impact: An attacker in a privileged network position may be able to misrepresent application state Description: A logic issue was addressed with improved state management.

CVE-2021-30694 [MEDIUM] CVE-2021-30694: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30694 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An information disclosure issue was addressed with improved state management.

CVE-2021-30689 [MEDIUM] CVE-2021-30689: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30689 Component: WebKit Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management.

CVE-2021-30668 [MEDIUM] CVE-2021-30668: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30668 Component: Software Update Impact: A person with physical access to a Mac may be able to bypass Login Window during a software update Description: This issue was addressed with improved checks.

CVE-2021-30671 [LOW] CVE-2021-30671: macOS Big Sur 11.4 Apple Security Update: About the security content of macOS Big Sur 11.4 Product: macOS Big Sur Version: 11.4 CVE: CVE-2021-30671 Component: TCC Impact: A malicious application may be able to send unauthorized Apple events to Finder Description: A validation issue was addressed with improved logic.

CVE-2021-30856 [CRITICAL] CVE-2021-30856: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-30856 Component: TCC Impact: A malicious unsandboxed app on a system with Remote Login enabled may bypass Privacy preferences Description: This issue was addressed by adding a new Remote Login option for opting into Full Disk Access for Secure Shell sessions.

CVE-2021-1770 [CRITICAL] CVE-2021-1770: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1770 Component: Wi-Fi Impact: A logic issue was addressed with improved state management Description: A buffer overflow may result in arbitrary code execution.

CVE-2021-1829 [CRITICAL] CVE-2021-1829: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1829 Component: Wi-Fi Impact: An application may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved state handling.

CVE-2021-1882 [CRITICAL] CVE-2021-1882: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1882 Component: Foundation Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved validation.

CVE-2021-30655 [CRITICAL] CVE-2021-30655: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-30655 Component: Wi-Fi Impact: An application may be able to execute arbitrary code with system privileges Description: The issue was addressed with improved permissions logic.

CVE-2021-1834 [CRITICAL] CVE-2021-1834: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1834 Component: Intel Graphics Driver Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2021-1868 [HIGH] CVE-2021-1868: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1868 Component: SampleAnalysis Impact: A local attacker may be able to elevate their privileges Description: A logic issue was addressed with improved state management.

CVE-2021-1809 [HIGH] CVE-2021-1809: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1809 Component: CoreAudio Impact: A malicious application may be able to read restricted memory Description: A memory corruption issue was addressed with improved validation.

CVE-2021-1885 [HIGH] CVE-2021-1885: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1885 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-1839 [HIGH] CVE-2021-1839: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1839 Component: Time Machine Impact: A local attacker may be able to elevate their privileges Description: The issue was addressed with improved permissions logic.

CVE-2021-1858 [HIGH] CVE-2021-1858: macOS Big Sur 11.3 Apple Security Update: About the security content of macOS Big Sur 11.3 Product: macOS Big Sur Version: 11.3 CVE: CVE-2021-1858 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking.