NVD disclosure day
CVE-2021-31010
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A deserialization issue in Apple operating systems could allow a sandboxed process to bypass security restrictions, potentially impacting data integrity. This has been addressed through security updates.
CVE-2021-30983
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A buffer overflow in Apple operating systems allows an application to execute arbitrary code with kernel privileges, posing a risk of unauthorized system control and data compromise. This vulnerability impacts affected devices and requires prompt attention.
CVE-2021-30952
Halo Surface Signal: 3 out of 5 — possibly public-facing.
Certain Apple software, including Safari and macOS, is affected by an integer overflow vulnerability. This flaw could allow an attacker to execute arbitrary code on affected systems by processing maliciously crafted web content. The business risk includes potential data compromise and unauthorized system access.
CVE-2021-30900
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
An out-of-bounds write in Apple operating systems allows malicious applications to gain kernel privileges. This poses a risk to affected organizations by potentially compromising devices and data. Updates are available to address this issue.
CVE-2021-30883
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A memory corruption vulnerability in Apple operating systems could allow an application to execute arbitrary code with kernel privileges. Apple is aware of reports indicating this issue may have been exploited, posing a risk to affected devices and data.
CVE-2021-30869
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A type confusion vulnerability in Apple operating systems could allow a malicious application to execute arbitrary code with kernel privileges. Organizations should apply vendor updates to mitigate this risk.
CVE-2021-30860
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability exists in certain Apple software that could allow unauthorized code execution when processing a malicious PDF. This poses a business risk to affected organizations by potentially compromising systems and data, especially as active exploitation has been reported. Mitigation involves applying vendor-provi
CVE-2021-30858
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A flaw in memory management affects web content processing, potentially allowing code execution via crafted web material. This poses a business risk to affected organizations by enabling unauthorized access or data manipulation.