working with Trend Micro Zero Day Initiative Impact: An out-of-bounds write was addressed with improved input validationĭescription: Processing a maliciously crafted image may lead to arbitrary code execution.ĬVE-2021-30743: Ye Zhang of Baidu Security, CFF of Topsec Alpha Team, Jzhu working with Trend Micro Zero Day Initiative, Xingwei Lin of Ant Security Light-Year Lab, CFF of Topsec Alpha Team, Jeonghoon Shin of THEORI working with Trend Micro Zero Day Initiativeĭescription: This issue was addressed with improved handling of file metadata.ĬVE-2021-30658: Wojciech Reguła of SecuRingĬVE-2021-1841: Jack Dates of RET2 Systems, Inc.ĬVE-2021-1834: ABC Research s.r.o. Impact: Processing a maliciously crafted image may lead to arbitrary code executionĬVE-2021-1880: Xingwei Lin of Ant Security Light-Year LabĬVE-2021-30653: Ye Zhang of Baidu SecurityĬVE-2021-1814: Ye Zhang of Baidu Security, Mickey Jin & Qi Sun of Trend Micro, and Xingwei Lin of Ant Security Light-Year LabĬVE-2021-1843: Ye Zhang of Baidu Securityĭescription: An out-of-bounds read was addressed with improved bounds checking.ĭescription: An out-of-bounds write issue was addressed with improved bounds checking. Impact: Processing maliciously crafted server messages may lead to heap corruptionĬVE-2021-1883: Gabe Kirkpatrick for: macOS Big Surĭescription: A race condition was addressed with improved locking.ĬVE-2021-1884: Gabe Kirkpatrick for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Impact: An application may be able to gain elevated privilegesĬVE-2021-1882: Gabe Kirkpatrick for: macOS Big Sur Impact: Processing a maliciously crafted font file may lead to arbitrary code executionĬVE-2021-1881: an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin of Trend Micro, and Hou JingYi of Qihoo 360 Impact: Muting a CallKit call while ringing may not result in mute being enabled This was addressed with additional ownership checks.ĬVE-2021-1784: Mikko Kenttälä of SensorFu, Csaba Fitzl of Offensive Security, and an anonymous researcher Impact: A malicious application may be able to modify protected parts of the file systemĭescription: A permissions issue existed in DiskArbitration. Impact: A remote attacker may be able to cause a denial of serviceĭescription: A buffer overflow was addressed with improved input validation. Impact: An attacker may provide a fraudulent OCSP response that would appear valid Impact: A malicious server may be able to disclose active servicesĭescription: This issue was addressed with improved checks. Impact: Processing a maliciously crafted font may result in the disclosure of process memoryĬVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code executionĬVE-2021-1847: Xuwei Liu of Purdue University Impact: A malicious application may be able to leak sensitive user informationĭescription: A validation issue was addressed with improved logic.ĬVE-2021-30659: Thijs Alkemade of Computest Impact: A malicious application may be able to read restricted memoryĭescription: A memory corruption issue was addressed with improved validation.ĬVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab Impact: Processing a maliciously crafted audio file may disclose restricted memoryĬVE-2021-1846: JunDong Xie of Ant Security Light-Year Lab Impact: A malicious application may bypass Gatekeeper checks Impact: A malicious application may be able to execute arbitrary code with kernel privilegesĭescription: An out-of-bounds read was addressed with improved input validation.ĬVE-2021-1867: Zuozhi Fan and Wish Wu(吴潍浠) of Ant Group Tianqiong Security Lab Impact: A malicious application may be able to bypass Privacy preferencesĭescription: An issue in code signature validation was addressed with improved checks. Impact: A local attacker may be able to elevate their privilegesĭescription: A logic issue was addressed with improved state management.ĬVE-2021-1853: Gary Nield of ECSC Group plc and Tim of Zoom Video Communications
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |