Vulnerabilities > Apple > Macos > 11.6.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-20 | CVE-2021-44224 | NULL Pointer Dereference vulnerability in multiple products A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). | 8.2 |
2021-12-20 | CVE-2021-44790 | Out-of-bounds Write vulnerability in multiple products A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). | 9.8 |
2021-12-19 | CVE-2021-4136 | Heap-based Buffer Overflow vulnerability in multiple products vim is vulnerable to Heap-based Buffer Overflow | 7.8 |
2021-10-19 | CVE-2021-30846 | Out-of-bounds Write vulnerability in multiple products A memory corruption issue was addressed with improved memory handling. | 7.8 |
2021-09-29 | CVE-2021-22946 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). | 7.5 |
2021-09-29 | CVE-2021-22947 | Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. | 5.9 |
2021-08-24 | CVE-2021-30897 | Unspecified vulnerability in Apple products An issue existed in the specification for the resource timing API. | 6.5 |
2021-08-24 | CVE-2021-30904 | Improper Synchronization vulnerability in Apple Macos A sync issue was addressed with improved state validation. | 5.3 |
2021-08-24 | CVE-2021-30923 | Race Condition vulnerability in Apple Macos A race condition was addressed with improved locking. | 7.0 |
2021-08-24 | CVE-2021-30924 | Unspecified vulnerability in Apple products A denial of service issue was addressed with improved state handling. | 7.5 |