Apple Macos Monterey vulnerabilities

CVE-2021-30809 [HIGH] CVE-2021-30809: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30809 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2021-30896 [MEDIUM] CVE-2021-30896: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30896 Component: Game Center Impact: A malicious application may be able to read user's gameplay data Description: A logic issue was addressed with improved restrictions.

CVE-2021-30884 [MEDIUM] CVE-2021-30884: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30884 Component: WebKit Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: The issue was resolved with additional restrictions on CSS compositing.

CVE-2021-30892 [MEDIUM] CVE-2021-30892: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30892 Component: Windows Server Impact: A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen Description: An authentication issue was addressed with improved state management.

CVE-2021-30890 [MEDIUM] CVE-2021-30890: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30890 Component: WebKit Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management.

CVE-2021-30904 [MEDIUM] CVE-2021-30904: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30904 Component: Messages Impact: A user's messages may continue to sync after the user has signed out of iMessage Description: A sync issue was addressed with improved state validation.

CVE-2021-30912 [MEDIUM] CVE-2021-30912: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30912 Component: SoftwareUpdate Impact: A malicious application may gain access to a user's Keychain items Description: The issue was addressed with improved permissions logic.

CVE-2021-30920 [MEDIUM] CVE-2021-30920: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30920 Component: Sandbox Impact: A local attacker may be able to read sensitive information Description: A permissions issue was addressed with improved validation.

CVE-2021-30910 [MEDIUM] CVE-2021-30910: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30910 Component: Model I/O Impact: Processing a maliciously crafted file may disclose user information Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30867 [MEDIUM] CVE-2021-30867: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30867 Component: Graphics Drivers Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling.

CVE-2021-30930 [MEDIUM] CVE-2021-30930: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30930 Component: WebRTC Impact: An attacker may be able to track users through their IP address Description: A logic issue was addressed with improved state management.

CVE-2021-30913 [MEDIUM] CVE-2021-30913: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30913 Component: SoftwareUpdate Impact: An unprivileged application may be able to edit NVRAM variables Description: A logic issue was addressed with improved restrictions.

CVE-2021-30831 [MEDIUM] CVE-2021-30831: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30831 Component: FontParser Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30808 [MEDIUM] CVE-2021-30808: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30808 Component: Sandbox Impact: A malicious application may be able to modify protected parts of the file system Description: This issue was addressed with improved checks.

CVE-2021-30887 [MEDIUM] CVE-2021-30887: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30887 Component: WebKit Impact: Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy Description: A logic issue was addressed with improved restrictions.

CVE-2021-30931 [MEDIUM] CVE-2021-30931: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30931 Component: Bluetooth Impact: A malicious application may be able to disclose kernel memory Description: A logic issue was addressed with improved validation.

CVE-2021-30813 [MEDIUM] CVE-2021-30813: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30813 Component: Login Window Impact: A person with access to a host Mac may be able to bypass the Login Window in Remote Desktop for a locked instance of macOS Description: A logic issue was addressed with improved checks.

CVE-2021-30897 [MEDIUM] CVE-2021-30897: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30897 Component: WebKit Impact: A malicious website may exfiltrate data cross-origin Description: An issue existed in the specification for the resource timing API. The specification was updated and the updated specification was implemented.

CVE-2021-30833 [MEDIUM] CVE-2021-30833: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30833 Component: Windows Server Impact: A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen Description: An authentication issue was addressed with improved state management.

CVE-2021-30836 [MEDIUM] CVE-2021-30836: macOS Monterey 12.0.1 Apple Security Update: About the security content of macOS Monterey 12.0.1 Product: macOS Monterey Version: 12.0.1 CVE: CVE-2021-30836 Component: WebKit Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: An out-of-bounds read was addressed with improved input validation.