Impact: Unpacking a maliciously crafted archive may allow an attacker to write arbitrary filesOnyX is a multifunction utility that you can use to verify the structure of the system files run miscellaneous maintenance and cleaning tasks configure parameters in the Finder, Dock, Safari, and some Apple applications delete caches remove certain problematic folders and files rebuild various databases and indexes and more. ![]() Impact: A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screenĭescription: An authentication issue was addressed with improved state management. Impact: A person with physical access to a device may be able to determine characteristics of a user's password in a secure text entry field Impact: A malicious application may gain access to a user's Keychain itemsĭescription: The issue was addressed with improved permissions logic.ĬVE-2021-30912: Kirin and chenyuwang of Tencent Security Xuanwu Lab Impact: A remote attacker may be able to leak memoryĭescription: A logic issue was addressed with improved state management.ĬVE-2021-30844: Peter Nguyen Vu Hoang of STAR Labs Impact: Processing a maliciously crafted USD file may disclose memory contentsĬVE-2021-30911: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab Impact: Processing a maliciously crafted file may disclose user informationĬVE-2021-30910: Mickey Jin of Trend Micro Impact: An application may be able to execute arbitrary code with kernel privileges Apple is aware of a report that this issue may have been actively exploited. Impact: An application may be able to execute arbitrary code with kernel privileges. Impact: A local attacker may be able to elevate their privilegesĭescription: This issue was addressed with improved checks.ĭescription: A memory corruption issue was addressed with improved state management.ĬVE-2021-30824: Antonio Zekic of Divertoĭescription: Multiple out-of-bounds write issues were addressed with improved bounds checking.ĬVE-2021-30901: Zuozhi Fan of Ant Security TianQiong Lab, Jack Dates of RET2 Systems, Inc., Liu Long of Ant Security Light-Year Lab, Yinyi Wu of Ant Security Light-Year LabĬVE-2021-30922: Jack Dates of RET2 Systems, Inc., Yinyi Wu updated January 19, 2022, updated May 25, 2022ĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2021-30821: Tim Michaud of Zoom Video Communications Impact: Processing a maliciously crafted image may lead to arbitrary code executionĭescription: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. Impact: A malicious application may be able to execute arbitrary code with kernel privilegesĭescription: A race condition was addressed with improved state handling.ĬVE-2021-30899: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America ![]() Impact: A malicious application may be able to elevate privilegesĭescription: An integer overflow was addressed through improved input validation. Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memoryĭescription: An out-of-bounds read was addressed with improved bounds checking.ĬVE-2021-30876: Jeremy Brown, hjy79425575ĬVE-2021-30879: Jeremy Brown, hjy79425575
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |