Apple Security Update 2021-005 Catalina vulnerabilities
23 known vulnerabilities affecting apple/security_update_2021-005_catalina.
Total CVEs: 23
CISA KEV: 3 (actively exploited)
Public exploits: 0
Exploited in wild: 3
Severity breakdown: HIGH 17, MEDIUM 6
Vulnerabilities
CVE-2021-30844 | HIGH | CVSS 7.5 | 2021-09-13
CVE-2021-30844 [HIGH] CVE-2021-30844: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30844
Component: SMB
Impact: A remote attacker may be able to leak memory
Description: A logic issue was addressed with improved state management.
CVE-2021-30835 | HIGH | CVSS 7.8 | 2021-09-13
CVE-2021-30835 [HIGH] CVE-2021-30835: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30835
Component: ImageIO
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-31010 | HIGH | CVSS 7.5 | KEV | 2021-09-13
CVE-2021-31010 [HIGH] CVE-2021-31010: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-31010
Component: Core Telephony
Impact: A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report that this issue may have been actively exploited at the time of release.
Description: A deserialization issue was addressed through improved validat
CVE-2021-30832 | HIGH | CVSS 7.8 | 2021-09-13
CVE-2021-30832 [HIGH] CVE-2021-30832: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30832
Component: CVMS
Impact: A local attacker may be able to elevate their privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2021-30842 | HIGH | CVSS 7.8 | 2021-09-13
CVE-2021-30842 [HIGH] CVE-2021-30842: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30842
Component: FontParser
Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30843 | HIGH | CVSS 7.8 | 2021-09-13
CVE-2021-30843 [HIGH] CVE-2021-30843: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30843
Component: FontParser
Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30829 | HIGH | CVSS 7.8 | 2021-09-13
CVE-2021-30829 [HIGH] CVE-2021-30829: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30829
Component: CUPS
Impact: A local user may be able to execute arbitrary files
Description: A URI parsing issue was addressed with improved parsing.
CVE-2021-30859 | HIGH | CVSS 7.8 | 2021-09-13
CVE-2021-30859 [HIGH] CVE-2021-30859: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30859
Component: Kernel
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A type confusion issue was addressed with improved state handling.
CVE-2021-30830 | HIGH | CVSS 7.8 | 2021-09-13
CVE-2021-30830 [HIGH] CVE-2021-30830: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30830
Component: Kernel
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30713 | HIGH | CVSS 7.8 | KEV | 2021-09-13
CVE-2021-30713 [HIGH] CVE-2021-30713: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30713
Component: TCC
Impact: A malicious application may be able to bypass Privacy preferences
Description: A permissions issue was addressed with improved validation.
CVE-2021-30860 | HIGH | CVSS 7.8 | KEV | 2021-09-13
CVE-2021-30860 [HIGH] CVE-2021-30860: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30860
Component: CoreGraphics
Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: An integer overflow was addressed with improved input validation.
CVE-2021-30827 | HIGH | CVSS 7.8 | 2021-09-13
CVE-2021-30827 [HIGH] CVE-2021-30827: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30827
Component: CUPS
Impact: A local attacker may be able to elevate their privileges
Description: A permissions issue existed. This issue was addressed with improved permission validation.
CVE-2021-30865 | HIGH | CVSS 7.8 | 2021-09-13
CVE-2021-30865 [HIGH] CVE-2021-30865: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30865
Component: Kernel
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2021-30857 | HIGH | CVSS 7.0 | 2021-09-13
CVE-2021-30857 [HIGH] CVE-2021-30857: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30857
Component: Kernel
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved locking.
CVE-2021-30847 | HIGH | CVSS 7.8 | 2021-09-13
CVE-2021-30847 [HIGH] CVE-2021-30847: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30847
Component: ImageIO
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30841 | HIGH | CVSS 7.8 | 2021-09-13
CVE-2021-30841 [HIGH] CVE-2021-30841: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30841
Component: FontParser
Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2020-29622 | HIGH | CVSS 7.5 | 2021-09-13
CVE-2020-29622 [HIGH] CVE-2020-29622: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2020-29622
Component: Kernel
Impact: Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges
Description: A race condition was addressed with additional validation.
CVE-2021-22925 | MEDIUM | CVSS 5.3 | 2021-09-13
CVE-2021-22925 [MEDIUM] CVE-2021-22925: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-22925
Component: CUPS
Impact: A local user may be able to execute arbitrary files
Description: A URI parsing issue was addressed with improved parsing.
CVE-2013-0340 | MEDIUM | CVSS 6.8 | 2021-09-13
CVE-2013-0340 [MEDIUM] CVE-2013-0340: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2013-0340
Component: Kernel
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A type confusion issue was addressed with improved state handling.
CVE-2021-30783 | MEDIUM | CVSS 6.5 | 2021-09-13
CVE-2021-30783 [MEDIUM] CVE-2021-30783: Security Update 2021-005 Catalina
Apple Security Update: About the security content of Security Update 2021-005 Catalina
Product: Security Update 2021-005 Catalina
CVE: CVE-2021-30783
Component: CoreServices
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: An access issue was addressed with improved access restrictions.