Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Total 11571 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9915 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
CVE-2020-9914 1 Apple 3 Ipados, Iphone Os, Tvos 2024-11-21 5.0 MEDIUM 7.5 HIGH
An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An attacker in a privileged network position may be able to perform denial of service attack using malformed Bluetooth packets.
CVE-2020-9913 1 Apple 1 Mac Os X 2024-11-21 2.1 LOW 5.5 MEDIUM
This issue was addressed with improved data protection. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to leak sensitive user information.
CVE-2020-9912 1 Apple 1 Safari 2024-11-21 2.1 LOW 3.3 LOW
A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode.
CVE-2020-9911 1 Apple 3 Ipados, Iphone Os, Safari 2024-11-21 5.0 MEDIUM 7.5 HIGH
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy.
CVE-2020-9910 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-11-21 6.5 MEDIUM 8.8 HIGH
Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
CVE-2020-9909 1 Apple 4 Ipados, Iphone Os, Tvos and 1 more 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.
CVE-2020-9908 1 Apple 1 Mac Os X 2024-11-21 6.6 MEDIUM 7.1 HIGH
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to cause unexpected system termination or read kernel memory.
CVE-2020-9907 1 Apple 3 Ipados, Iphone Os, Tvos 2024-11-21 9.3 HIGH 7.8 HIGH
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges.
CVE-2020-9906 1 Apple 4 Ipados, Iphone Os, Mac Os X and 1 more 2024-11-21 9.4 HIGH 9.1 CRITICAL
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2020-9905 1 Apple 4 Ipados, Iphone Os, Mac Os X and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A remote attacker may be able to cause a denial of service.
CVE-2020-9904 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2024-11-21 9.3 HIGH 7.8 HIGH
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges.
CVE-2020-9903 1 Apple 3 Ipados, Iphone Os, Safari 2024-11-21 5.0 MEDIUM 7.5 HIGH
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. A malicious attacker may cause Safari to suggest a password for the wrong domain.
CVE-2020-9902 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2024-11-21 7.1 HIGH 5.5 MEDIUM
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to determine kernel memory layout.
CVE-2020-9901 1 Apple 4 Ipados, Iphone Os, Mac Os X and 1 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A local attacker may be able to elevate their privileges.
CVE-2020-9900 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A local attacker may be able to elevate their privileges.
CVE-2020-9899 1 Apple 1 Mac Os X 2024-11-21 9.3 HIGH 7.8 HIGH
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges.
CVE-2020-9898 1 Apple 3 Ipados, Iphone Os, Mac Os X 2024-11-21 7.5 HIGH 9.8 CRITICAL
This issue was addressed with improved entitlements. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A sandboxed process may be able to circumvent sandbox restrictions.
CVE-2020-9897 1 Apple 3 Ipados, Iphone Os, Macos 2024-11-21 6.8 MEDIUM 7.8 HIGH
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1. Processing a maliciously crafted PDF may lead to arbitrary code execution.
CVE-2020-9895 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.