Filtered by vendor Apple
Subscriptions
Filtered by product Iphone Os
Subscriptions
Total
3731 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-27950 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-08-04 | 5.5 Medium |
| A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory. | ||||
| CVE-2020-27912 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-08-04 | 7.8 High |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
| CVE-2020-27918 | 5 Apple, Debian, Fedoraproject and 2 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-08-04 | 7.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2020-27909 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-08-04 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution. | ||||
| CVE-2020-27902 | 1 Apple | 2 Ipados, Iphone Os | 2024-08-04 | 4.6 Medium |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2. A person with physical access to an iOS device may be able to access stored passwords without authentication. | ||||
| CVE-2020-27899 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-08-04 | 7.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1, watchOS 7.1, tvOS 14.2. A local attacker may be able to elevate their privileges. | ||||
| CVE-2020-27905 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2024-08-04 | 7.8 High |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to execute arbitrary code with system privileges. | ||||
| CVE-2020-16046 | 2 Apple, Google | 2 Iphone Os, Chrome | 2024-08-04 | 6.1 Medium |
| Script injection in iOSWeb in Google Chrome on iOS prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | ||||
| CVE-2020-15984 | 6 Apple, Debian, Fedoraproject and 3 more | 6 Iphone Os, Debian Linux, Fedora and 3 more | 2024-08-04 | 6.5 Medium |
| Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL. | ||||
| CVE-2020-15969 | 6 Apple, Debian, Fedoraproject and 3 more | 14 Ipados, Iphone Os, Macos and 11 more | 2024-08-04 | 8.8 High |
| Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2020-15651 | 2 Apple, Mozilla | 2 Iphone Os, Firefox | 2024-08-04 | 4.3 Medium |
| A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28. | ||||
| CVE-2020-15358 | 6 Apple, Canonical, Oracle and 3 more | 17 Icloud, Ipados, Iphone Os and 14 more | 2024-08-04 | 5.5 Medium |
| In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. | ||||
| CVE-2020-14451 | 2 Apple, Mattermost | 2 Iphone Os, Mattermost Mobile | 2024-08-04 | 7.5 High |
| An issue was discovered in Mattermost Mobile Apps before 1.29.0. The iOS app allowed Single Sign-On cookies and Local Storage to remain after a logout, aka MMSA-2020-0013. | ||||
| CVE-2020-13631 | 9 Apple, Brocade, Canonical and 6 more | 20 Icloud, Ipados, Iphone Os and 17 more | 2024-08-04 | 5.5 Medium |
| SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. | ||||
| CVE-2020-13630 | 10 Apple, Brocade, Canonical and 7 more | 21 Icloud, Ipados, Iphone Os and 18 more | 2024-08-04 | 7.0 High |
| ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | ||||
| CVE-2020-13434 | 8 Apple, Canonical, Debian and 5 more | 16 Icloud, Ipados, Iphone Os and 13 more | 2024-08-04 | 5.5 Medium |
| SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. | ||||
| CVE-2020-12651 | 4 Apple, Linux, Microsoft and 1 more | 5 Iphone Os, Macos, Linux Kernel and 2 more | 2024-08-04 | 9.8 Critical |
| SecureCRT before 8.7.2 allows remote attackers to execute arbitrary code via an Integer Overflow and a Buffer Overflow because a banner can trigger a line number to CSI functions that exceeds INT_MAX. | ||||
| CVE-2020-11763 | 7 Apple, Canonical, Debian and 4 more | 13 Icloud, Ipados, Iphone Os and 10 more | 2024-08-04 | 5.5 Medium |
| An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp. | ||||
| CVE-2020-11761 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-08-04 | 5.5 Medium |
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp. | ||||
| CVE-2020-11759 | 5 Apple, Canonical, Debian and 2 more | 11 Icloud, Ipados, Iphone Os and 8 more | 2024-08-04 | 5.5 Medium |
| An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer. | ||||