![]() ![]() ![]() Impact: A malicious application may be able to bypass Privacy preferencesĭescription: The issue was addressed with improved permissions logic.ĬVE-2021-30925: Csaba Fitzl of Offensive Security This issue was addressed with improved validation of symlinks.ĬVE-2021-30855: Zhipeng Huo and Yuebin Sun of Tencent Security Xuanwu Lab () Impact: An application may be able to access restricted filesĭescription: A validation issue existed in the handling of symlinks. Impact: Processing a maliciously crafted USD file may disclose memory contents Impact: A person with access to a host Mac may be able to bypass the Login Window in Remote Desktop for a locked instance of macOSĭescription: A logic issue was addressed with improved checks.ĬVE-2021-30813: Benjamin Berger of BBetterTech LLC, Aaron Hines of AHDesigns916, Peter Goedtkindt of Informatique-MTF S.A. Impact: A remote attacker may be able to cause a denial of serviceĭescription: This issue was addressed by updating expat to version 2.4.1. ![]() Impact: A sandboxed process may be able to circumvent sandbox restrictionsĬVE-2021-30864: Ron Hass of Perception Point, Ron Waisberg added January 19, 2022 Impact: A malicious application may be able to execute arbitrary code with kernel privilegesĭescription: A race condition was addressed with improved state handling.ĬVE-2021-30933: Jack Dates of RET2 Systems, Inc.ĬVE-2021-30835: Ye Zhang of Baidu Securityĭescription: An out-of-bounds read was addressed with improved input validation.ĭescription: A race condition was addressed with improved locking.ĭescription: A type confusion issue was addressed with improved state handling. Impact: A malicious application may bypass Gatekeeper checksĬVE-2021-30853: Gordon Long of Box, Inc. Impact: Processing a maliciously crafted dfont file may lead to arbitrary code executionĬVE-2021-30841: Xingwei Lin of Ant Security Light-Year LabĬVE-2021-30842: Xingwei Lin of Ant Security Light-Year LabĬVE-2021-30843: Xingwei Lin of Ant Security Light-Year Lab Impact: curl could potentially reveal sensitive internal information to the server using a clear-text network protocolĭescription: A buffer overflow was addressed with improved input validation.Įntry added September 20, 2021, updated January 19, 2022ĭescription: A memory corruption issue was addressed with improved state management.ĬVE-2021-30832: Mickey Jin of Trend Micro ![]() Impact: A local user may be able to execute arbitrary filesĭescription: A URI parsing issue was addressed with improved parsing. Impact: A local user may be able to read arbitrary files as root This issue was addressed with improved permission validation. Impact: A local attacker may be able to elevate their privilegesĭescription: A permissions issue existed. Impact: A sandboxed process may be able to circumvent sandbox restrictions. Apple was aware of a report that this issue may have been actively exploited at the time of release.ĭescription: A deserialization issue was addressed through improved validation.ĬVE-2021-31010: Citizen Lab and Google Project Zero Apple is aware of a report that this issue may have been actively exploited.ĭescription: An integer overflow was addressed with improved input validation. Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Impact: Processing a maliciously crafted image may lead to arbitrary code executionĭescription: A memory corruption issue was addressed with improved input validation.ĬVE-2021-30928: Mickey Jin of Trend Micro Impact: Processing a malicious audio file may result in unexpected application termination or arbitrary code executionĭescription: A logic issue was addressed with improved state management.ĬVE-2021-30834: JunDong Xie of Ant Security Light-Year Lab Impact: A malicious application may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue was addressed with improved memory handling. Impact: A local attacker may be able to read sensitive informationĭescription: This issue was addressed with improved checks.ĬVE-2021-30811: an anonymous researcher working with Compartir ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |