macOS Big Sur
by Apple Inc.
CVEs (363)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-30788 | Hig | 0.46 | 7.1 | 0.01 | Sep 8, 2021 | This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted tiff file may lead to a denial-of-service or… | ||
| CVE-2021-30786 | Hig | 0.46 | 7.0 | 0.01 | Sep 8, 2021 | A race condition was addressed with improved state handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. | ||
| CVE-2021-31004 | Hig | 0.46 | 7.0 | 0.00 | Aug 24, 2021 | A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.5. An application may be able to gain elevated privileges. | ||
| CVE-2021-30995 | Hig | 0.46 | 7.0 | 0.02 | Aug 24, 2021 | A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges. | ||
| CVE-2021-30933 | Hig | 0.46 | 7.0 | 0.01 | Aug 24, 2021 | A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges. | ||
| CVE-2021-30868 | Hig | 0.46 | 7.0 | 0.01 | Aug 24, 2021 | A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges. | ||
| CVE-2021-30857 | Hig | 0.46 | 7.0 | 0.01 | Aug 24, 2021 | A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel… | ||
| CVE-2020-27921 | Hig | 0.46 | 7.0 | 0.01 | Apr 2, 2021 | A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges. | ||
| CVE-2022-32832 | Med | 0.44 | 6.7 | 0.01 | Sep 23, 2022 | The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with… | ||
| CVE-2021-30721 | Med | 0.44 | 6.5 | 0.24 | Sep 8, 2021 | A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to leak sensitive user information. | ||
| CVE-2023-28182 | Med | 0.42 | 6.5 | 0.01 | May 8, 2023 | The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A user in a privileged network position may be able to spoof a VPN server that is… | ||
| CVE-2022-26726 | Med | 0.42 | 6.5 | 0.02 | May 26, 2022 | This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user's screen. | ||
| CVE-2022-22662 | Med | 0.42 | 6.5 | 0.01 | May 26, 2022 | A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information. | ||
| CVE-2021-1821 | Med | 0.42 | 6.5 | 0.01 | Oct 28, 2021 | A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage may lead to a system denial of service. | ||
| CVE-2020-10005 | Med | 0.42 | 6.5 | 0.01 | Oct 28, 2021 | A resource exhaustion issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. An attacker in a privileged network position may be able to perform denial of service. | ||
| CVE-2021-30659 | Med | 0.42 | 6.5 | 0.01 | Sep 8, 2021 | A validation issue was addressed with improved logic. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, macOS Big Sur 11.3. A malicious application may be able to leak sensitive user information. | ||
| CVE-2021-1878 | Med | 0.42 | 6.5 | 0.02 | Sep 8, 2021 | An integer overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. An attacker in a privileged network position may be able to leak sensitive user information. | ||
| CVE-2021-1873 | Med | 0.42 | 6.5 | 0.01 | Sep 8, 2021 | An API issue in Accessibility TCC permissions was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to unexpectedly leak a user's… | ||
| CVE-2021-1860 | Med | 0.42 | 6.5 | 0.01 | Sep 8, 2021 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to… | ||
| CVE-2021-1857 | Med | 0.42 | 6.5 | 0.01 | Sep 8, 2021 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and… |
- risk 0.46cvss 7.1epss 0.01
This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted tiff file may lead to a denial-of-service or…
- risk 0.46cvss 7.0epss 0.01
A race condition was addressed with improved state handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.
- risk 0.46cvss 7.0epss 0.00
A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.5. An application may be able to gain elevated privileges.
- risk 0.46cvss 7.0epss 0.02
A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to elevate privileges.
- risk 0.46cvss 7.0epss 0.01
A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges.
- risk 0.46cvss 7.0epss 0.01
A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.
- risk 0.46cvss 7.0epss 0.01
A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel…
- risk 0.46cvss 7.0epss 0.01
A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges.
- risk 0.44cvss 6.7epss 0.01
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with…
- risk 0.44cvss 6.5epss 0.24
A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to leak sensitive user information.
- risk 0.42cvss 6.5epss 0.01
The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A user in a privileged network position may be able to spoof a VPN server that is…
- risk 0.42cvss 6.5epss 0.02
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user's screen.
- risk 0.42cvss 6.5epss 0.01
A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information.
- risk 0.42cvss 6.5epss 0.01
A logic issue was addressed with improved state management. This issue is fixed in watchOS 7.6, macOS Big Sur 11.5. Visiting a maliciously crafted webpage may lead to a system denial of service.
- risk 0.42cvss 6.5epss 0.01
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. An attacker in a privileged network position may be able to perform denial of service.
- risk 0.42cvss 6.5epss 0.01
A validation issue was addressed with improved logic. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, macOS Big Sur 11.3. A malicious application may be able to leak sensitive user information.
- risk 0.42cvss 6.5epss 0.02
An integer overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. An attacker in a privileged network position may be able to leak sensitive user information.
- risk 0.42cvss 6.5epss 0.01
An API issue in Accessibility TCC permissions was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A malicious application may be able to unexpectedly leak a user's…
- risk 0.42cvss 6.5epss 0.01
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. A malicious application may be able to…
- risk 0.42cvss 6.5epss 0.01
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and…
Page 11 of 19