Total
29473 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-31612 | 1 Zh-jieli | 24 Ac6901, Ac6901 Firmware, Ac6902 and 21 more | 2024-02-28 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Classic implementation on Zhuhai Jieli AC690X devices does not properly handle the reception of an oversized LMP packet greater than 17 bytes during the LMP auto rate procedure, allowing attackers in radio range to trigger a deadlock via a crafted LMP packet. | |||||
| CVE-2021-30797 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution. | |||||
| CVE-2021-40540 | 1 Ulfius Project | 1 Ulfius | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests. | |||||
| CVE-2021-30804 | 1 Apple | 1 Iphone Os | 2024-02-28 | 4.3 MEDIUM | 3.3 LOW |
| A permissions issue was addressed with improved validation. This issue is fixed in iOS 14.7. A malicious application may be able to access Find My data. | |||||
| CVE-2021-30731 | 1 Apple | 2 Mac Os X, Macos | 2024-02-28 | 1.9 LOW | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Catalina. An unprivileged application may be able to capture USB devices. | |||||
| CVE-2021-30756 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| A local attacker may be able to view Now Playing information from the lock screen. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6. A privacy issue in Now Playing was addressed with improved permissions. | |||||
| CVE-2021-30738 | 1 Apple | 2 Mac Os X, Macos | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| A malicious application may be able to overwrite arbitrary files. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Mojave. An issue with path validation logic for hardlinks was addressed with improved path sanitization. | |||||
| CVE-2021-36162 | 1 Apache | 1 Dubbo | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
| Apache Dubbo supports various rules to support configuration override or traffic routing (called routing in Dubbo). These rules are loaded into the configuration center (eg: Zookeeper, Nacos, ...) and retrieved by the customers when making a request in order to find the right endpoint. When parsing these YAML rules, Dubbo customers will use SnakeYAML library to load the rules which by default will enable calling arbitrary constructors. An attacker with access to the configuration center he will be able to poison the rule so when retrieved by the consumers, it will get RCE on all of them. This was fixed in Dubbo 2.7.13, 3.0.2 | |||||
| CVE-2020-27940 | 1 Apple | 1 Apple Tv | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| This issue was addressed with improved file handling. This issue is fixed in Apple TV app for Fire OS 6.1.0.6A142:7.1.0. An attacker with file system access may modify scripts used by the app. | |||||
| CVE-2021-30781 | 1 Apple | 5 Iphone Os, Mac Os X, Macos and 2 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-005 Mojave, Security Update 2021-004 Catalina. A local attacker may be able to cause unexpected application termination or arbitrary code execution. | |||||
| CVE-2021-38642 | 2 Apple, Microsoft | 2 Iphone Os, Edge | 2024-02-28 | 4.0 MEDIUM | 6.1 MEDIUM |
| Microsoft Edge for iOS Spoofing Vulnerability | |||||
| CVE-2021-30778 | 1 Apple | 1 Macos | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.5. A malicious application may be able to bypass Privacy preferences. | |||||
| CVE-2021-31613 | 1 Zh-jieli | 10 Ac6901, Ac6901 Firmware, Ac6921 and 7 more | 2024-02-28 | 3.3 LOW | 6.5 MEDIUM |
| The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle the reception of a truncated LMP packet during the LMP auto rate procedure, allowing attackers in radio range to immediately crash (and restart) a device via a crafted LMP packet. | |||||
| CVE-2021-30793 | 1 Apple | 2 Mac Os X, Macos | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-30782 | 1 Apple | 1 Mac Os X | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to access restricted files. | |||||
| CVE-2021-31610 | 2 Bluetrum, Mi | 6 Ab5376t, Ab5376t Firmware, Bt8896a and 3 more | 2024-02-28 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Classic implementation on AB32VG1 devices does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (either restart or deadlock the device) by flooding a device with LMP_AU_rand data. | |||||
| CVE-2021-30774 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. A malicious application may be able to gain root privileges. | |||||
| CVE-2021-30798 | 1 Apple | 3 Iphone Os, Macos, Watchos | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6. A malicious application may be able to bypass certain Privacy preferences. | |||||
| CVE-2021-30787 | 1 Apple | 2 Mac Os X, Macos | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2021-30779 | 1 Apple | 4 Iphone Os, Macos, Tvos and 1 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||