Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Ipados
Total 1252 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-8819 1 Apple 6 Icloud, Ipados, Iphone Os and 3 more 2024-02-28 6.8 MEDIUM 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-3828 1 Apple 2 Ipados, Iphone Os 2024-02-28 2.1 LOW 2.4 LOW
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.
CVE-2019-8794 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to read restricted memory.
CVE-2020-3870 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2024-02-28 6.8 MEDIUM 7.8 HIGH
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2019-8788 1 Apple 3 Ipados, Iphone Os, Mac Os X 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration.
CVE-2019-8808 1 Apple 6 Ipados, Iphone Os, Itunes and 3 more 2024-02-28 6.8 MEDIUM 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8783 1 Apple 6 Icloud, Ipados, Iphone Os and 3 more 2024-02-28 6.8 MEDIUM 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8816 2 Apple, Redhat 10 Icloud, Ipados, Iphone Os and 7 more 2024-02-28 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-3862 2 Apple, Opensuse 7 Icloud, Ipados, Iphone Os and 4 more 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service.
CVE-2019-8804 1 Apple 2 Ipados, Iphone Os 2024-02-28 2.9 LOW 5.7 MEDIUM
An inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.
CVE-2013-0340 3 Apple, Libexpat Project, Python 7 Ipados, Iphone Os, Macos and 4 more 2024-02-28 6.8 MEDIUM N/A
expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.
CVE-2013-0899 6 Apple, Google, Linux and 3 more 9 Ipados, Iphone Os, Mac Os X and 6 more 2024-02-28 5.0 MEDIUM N/A
Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet.