Filtered by vendor Apple
Subscribe
Total
11571 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-9915 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. | |||||
CVE-2020-9914 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An attacker in a privileged network position may be able to perform denial of service attack using malformed Bluetooth packets. | |||||
CVE-2020-9913 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
This issue was addressed with improved data protection. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to leak sensitive user information. | |||||
CVE-2020-9912 | 1 Apple | 1 Safari | 2024-11-21 | 2.1 LOW | 3.3 LOW |
A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode. | |||||
CVE-2020-9911 | 1 Apple | 3 Ipados, Iphone Os, Safari | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy. | |||||
CVE-2020-9910 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. | |||||
CVE-2020-9909 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations. | |||||
CVE-2020-9908 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.6 MEDIUM | 7.1 HIGH |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to cause unexpected system termination or read kernel memory. | |||||
CVE-2020-9907 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2020-9906 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 9.4 HIGH | 9.1 CRITICAL |
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. | |||||
CVE-2020-9905 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A remote attacker may be able to cause a denial of service. | |||||
CVE-2020-9904 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2020-9903 | 1 Apple | 3 Ipados, Iphone Os, Safari | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. A malicious attacker may cause Safari to suggest a password for the wrong domain. | |||||
CVE-2020-9902 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to determine kernel memory layout. | |||||
CVE-2020-9901 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A local attacker may be able to elevate their privileges. | |||||
CVE-2020-9900 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A local attacker may be able to elevate their privileges. | |||||
CVE-2020-9899 | 1 Apple | 1 Mac Os X | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2020-9898 | 1 Apple | 3 Ipados, Iphone Os, Mac Os X | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
This issue was addressed with improved entitlements. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A sandboxed process may be able to circumvent sandbox restrictions. | |||||
CVE-2020-9897 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1. Processing a maliciously crafted PDF may lead to arbitrary code execution. | |||||
CVE-2020-9895 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. |