Apple's notes state that two of the vulnerabilities are reportedly being actively exploited. One allows arbitrary code execution, the other enables privilege escalation.
The same issues were recently fixed in iOS 14.4 and related operating systems.
The vulnerabilities addressed by the updates allowed various types of attack, including denial of service, access to files, access to private information, arbitrary code execution, privilege escalation, system file modification, access to kernel memory, memory leaks, authentication policy bypass, and access to restricted network ports.
Some of them could variously be exploited by maliciously crafted web content, fonts, text files, images, USD (universal scene description) files, and Samba network shares.
One very specific problem fixed by the updates was that a user that was removed from an iMessage group could rejoin it.
Big Sur 11.2 delivers other improvements.
It improves Bluetooth reliability, and fixes issues involving: external displays connected to an M1 Mac mini using an HDMI to DVI converter, ProRAW photos and the Photos app, iCloud Drive, System Preferences, and Emoji & Symbols pane.
In addition, Apple no longer allows macOS and its own apps to bypass VPNs and firewalls.
The Big Sur, Catalina and Mojave updates can be installed via the Software Update system preference.