The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution.
Base Score: 9.3
Impact Score: 10
Exploitability Score: 8.6
Base Score: 7.8
Impact Score: 5.9
Exploitability Score: 1.8
|146215||Apple TV < 14.2 Multiple Vulnerabilities||Nessus||Misc.|
|144453||macOS 10.14.x < 10.14.6 Security Update 2020-007 / 10.15.x < 10.15.7 Security Update 2020-001 / macOS 11.x < 11.1 (HT212011)||Nessus||MacOS X Local Security Checks|
|143115||macOS 11.0.x < 11.0.1||Nessus||MacOS X Local Security Checks|
|142881||Apple iOS < 14.2 Multiple Vulnerabilities||Nessus||Mobile Devices|