Vulnerabilities > Apple > Macos > 11.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-29 | CVE-2021-22946 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). | 7.5 |
| 2021-09-29 | CVE-2021-22947 | Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. | 5.9 |
| 2021-09-20 | CVE-2021-39537 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in ncurses through v6.2-1. | 8.8 |
| 2021-08-24 | CVE-2021-30897 | Unspecified vulnerability in Apple products An issue existed in the specification for the resource timing API. | 6.5 |
| 2021-08-24 | CVE-2021-30904 | Improper Synchronization vulnerability in Apple Macos A sync issue was addressed with improved state validation. | 5.3 |
| 2021-08-24 | CVE-2021-30923 | Race Condition vulnerability in Apple Macos A race condition was addressed with improved locking. | 7.0 |
| 2021-08-24 | CVE-2021-30924 | Unspecified vulnerability in Apple products A denial of service issue was addressed with improved state handling. | 7.5 |
| 2021-08-24 | CVE-2021-30926 | Out-of-bounds Write vulnerability in Apple products Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. | 7.8 |
| 2021-08-24 | CVE-2021-30930 | Unspecified vulnerability in Apple Macos A logic issue was addressed with improved state management. | 5.3 |
| 2021-08-24 | CVE-2021-30955 | Race Condition vulnerability in Apple products A race condition was addressed with improved state handling. | 7.0 |