Total
318 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-9837 | 1 Apple | 4 Ipad Os, Iphone Os, Mac Os X and 1 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5. A remote attacker may be able to leak memory. | |||||
| CVE-2020-3900 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2020-9830 | 1 Apple | 3 Ipad Os, Iphone Os, Mac Os X | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-11758 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipad Os, Iphone Os and 9 more | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h. | |||||
| CVE-2020-9792 | 1 Apple | 3 Ipad Os, Iphone Os, Mac Os X | 2024-02-04 | 2.1 LOW | 4.6 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A USB device may be able to cause a denial of service. | |||||
| CVE-2020-9809 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2024-02-04 | 7.1 HIGH | 5.5 MEDIUM |
| An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to determine kernel memory layout. | |||||
| CVE-2020-9816 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. | |||||
| CVE-2020-9793 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A remote attacker may be able to cause arbitrary code execution. | |||||
| CVE-2020-9821 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2024-02-04 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-9827 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A remote attacker may be able to cause a denial of service. | |||||
| CVE-2020-9823 | 1 Apple | 2 Ipad Os, Iphone Os | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| This issue was addressed with improved checks. This issue is fixed in iOS 13.5 and iPadOS 13.5. Users removed from an iMessage conversation may still be able to alter state. | |||||
| CVE-2020-9848 | 1 Apple | 2 Ipad Os, Iphone Os | 2024-02-04 | 2.1 LOW | 2.4 LOW |
| An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5. A person with physical access to an iOS device may be able to view notification contents from the lockscreen. | |||||
| CVE-2020-3887 | 1 Apple | 6 Icloud, Ipad Os, Iphone Os and 3 more | 2024-02-04 | 4.3 MEDIUM | 4.3 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated. | |||||
| CVE-2020-3890 | 1 Apple | 2 Ipad Os, Iphone Os | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4. Deleted messages groups may still be suggested as an autocompletion. | |||||
| CVE-2020-3899 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2024-02-04 | 9.3 HIGH | 8.8 HIGH |
| A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. | |||||
| CVE-2020-3895 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2024-02-04 | 9.3 HIGH | 8.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2020-11765 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipad Os, Iphone Os and 9 more | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read. | |||||
| CVE-2019-20044 | 5 Apple, Debian, Fedoraproject and 2 more | 10 Ipad Os, Iphone Os, Mac Os X and 7 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid(). | |||||