Total
3664 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-3897 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. | |||||
CVE-2020-11760 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp. | |||||
CVE-2020-13631 | 8 Apple, Brocade, Canonical and 5 more | 19 Icloud, Ipados, Iphone Os and 16 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. | |||||
CVE-2020-14451 | 2 Apple, Mattermost | 2 Iphone Os, Mattermost Mobile | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Mattermost Mobile Apps before 1.29.0. The iOS app allowed Single Sign-On cookies and Local Storage to remain after a logout, aka MMSA-2020-0013. | |||||
CVE-2020-3916 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, watchOS 6.2. Setting an alternate app icon may disclose a photo without needing permission to access photos. | |||||
CVE-2020-9773 | 1 Apple | 2 Ipados, Iphone Os | 2024-02-28 | 4.3 MEDIUM | 3.3 LOW |
The issue was addressed with improved handling of icon caches. This issue is fixed in iOS 14.0 and iPadOS 14.0. A malicious application may be able to identify what other applications a user has installed. | |||||
CVE-2019-4735 | 2 Apple, Ibm | 2 Iphone Os, Maas360 | 2024-02-28 | 2.1 LOW | 4.6 MEDIUM |
IBM MaaS360 3.96.62 for iOS could allow an attacker with physical access to the device to obtain sensitive information from the agent outside of the container. IBM X-Force ID: 172705. | |||||
CVE-2020-3890 | 1 Apple | 2 Ipad Os, Iphone Os | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4. Deleted messages groups may still be suggested as an autocompletion. | |||||
CVE-2020-9823 | 1 Apple | 2 Ipados, Iphone Os | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
This issue was addressed with improved checks. This issue is fixed in iOS 13.5 and iPadOS 13.5. Users removed from an iMessage conversation may still be able to alter state. | |||||
CVE-2020-11764 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp. | |||||
CVE-2020-9800 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2020-9807 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2020-11765 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read. | |||||
CVE-2020-9790 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
CVE-2020-11758 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h. | |||||
CVE-2020-9803 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2020-3917 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks. | |||||
CVE-2020-9777 | 1 Apple | 2 Ipados, Iphone Os | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
An issue existed in the selection of video file by Mail. The issue was fixed by selecting the latest version of a video. This issue is fixed in iOS 13.4 and iPadOS 13.4. Cropped videos may not be shared properly via Mail. | |||||
CVE-2020-9839 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-02-28 | 5.1 MEDIUM | 7.0 HIGH |
A race condition was addressed with improved state handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to gain elevated privileges. | |||||
CVE-2020-9837 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5. A remote attacker may be able to leak memory. |