Security Update 2021-008 Catalina

CVEs (46)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2020-29622	Apple Inc. macOS Catalina	—	0.00	Oct 19, 2021	A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-005 Catalina. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges.
CVE-2021-30835	Apple Inc. tvOS	—	0.00	Oct 19, 2021	This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2020-27942	Apple Inc. Security Update 2021-008 Catalina	—	0.00	Sep 8, 2021	A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Processing a maliciously crafted font file may lead to arbitrary code execution.
CVE-2021-30790	Apple Inc. macOS	—	0.01	Sep 8, 2021	An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Opening a maliciously crafted file may lead to unexpected application termination or…
CVE-2021-30789	Apple Inc. macOS	—	0.01	Sep 8, 2021	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.
CVE-2021-30793	Apple Inc. macOS	—	0.02	Sep 8, 2021	A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.
CVE-2021-30787	Apple Inc. macOS	—	0.00	Sep 8, 2021	This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to cause unexpected system termination or write kernel memory.
CVE-2021-30782	Apple Inc. macOS	—	0.01	Sep 8, 2021	This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to access restricted files.
CVE-2021-30785	Apple Inc. macOS	—	0.01	Sep 8, 2021	A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2021-30783	Apple Inc. macOS	—	0.00	Sep 8, 2021	An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A sandboxed process may be able to circumvent sandbox restrictions.
CVE-2021-30780	Apple Inc. macOS	—	0.00	Sep 8, 2021	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A malicious application may be able to gain root privileges.
CVE-2021-30781	Apple Inc. macOS	—	0.00	Sep 8, 2021	This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A local attacker may be able to cause unexpected application termination or arbitrary…
CVE-2021-30776	Apple Inc. macOS	—	0.00	Sep 8, 2021	A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination.
CVE-2021-30777	Apple Inc. macOS	—	0.00	Sep 8, 2021	An injection issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges.
CVE-2021-30775	Apple Inc. macOS	—	0.01	Sep 8, 2021	A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted audio file may lead to arbitrary code execution.
CVE-2021-30766	Apple Inc. macOS	—	0.01	Sep 8, 2021	An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.
CVE-2021-30765	Apple Inc. macOS	—	0.01	Sep 8, 2021	An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.
CVE-2021-30768	Apple Inc. macOS	—	0.01	Sep 8, 2021	A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. A sandboxed process may be able to circumvent sandbox restrictions.
CVE-2021-30760	Apple Inc. macOS	—	0.00	Sep 8, 2021	An integer overflow was addressed through improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary…
CVE-2021-30759	Apple Inc. macOS	—	0.01	Sep 8, 2021	A stack overflow was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code…

CVE-2020-29622Oct 19, 2021
Apple Inc.
macOS Catalina
risk 0.00cvss —epss 0.00
A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-005 Catalina. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges.
CVE-2021-30835Oct 19, 2021
Apple Inc.
tvOS
risk 0.00cvss —epss 0.00
This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, iTunes 12.12 for Windows, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2020-27942Sep 8, 2021
Apple Inc.
Security Update 2021-008 Catalina
risk 0.00cvss —epss 0.00
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. Processing a maliciously crafted font file may lead to arbitrary code execution.
CVE-2021-30790Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Opening a maliciously crafted file may lead to unexpected application termination or…
CVE-2021-30789Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code execution.
CVE-2021-30793Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.02
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.
CVE-2021-30787Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to cause unexpected system termination or write kernel memory.
CVE-2021-30782Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to access restricted files.
CVE-2021-30785Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2021-30783Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A sandboxed process may be able to circumvent sandbox restrictions.
CVE-2021-30780Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A malicious application may be able to gain root privileges.
CVE-2021-30781Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A local attacker may be able to cause unexpected application termination or arbitrary…
CVE-2021-30776Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Playing a malicious audio file may lead to an unexpected application termination.
CVE-2021-30777Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
An injection issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges.
CVE-2021-30775Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. Processing a maliciously crafted audio file may lead to arbitrary code execution.
CVE-2021-30766Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.
CVE-2021-30765Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges.
CVE-2021-30768Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. A sandboxed process may be able to circumvent sandbox restrictions.
CVE-2021-30760Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary…
CVE-2021-30759Sep 8, 2021
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
A stack overflow was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. Processing a maliciously crafted font file may lead to arbitrary code…

Page 2 of 3