Filtered by vendor Apple
Subscriptions
Filtered by product Macos
Subscriptions
Total
3492 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-11581 | 4 Apple, Linux, Oracle and 1 more | 5 Macos, Linux Kernel, Solaris and 2 more | 2024-08-04 | 8.1 High |
| An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks (against a client) via shell metacharacters to the doCustomRemediateInstructions method, because Runtime.getRuntime().exec() is used. | ||||
| CVE-2020-11580 | 4 Apple, Linux, Oracle and 1 more | 5 Macos, Linux Kernel, Solaris and 2 more | 2024-08-04 | 9.1 Critical |
| An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, accepts an arbitrary SSL certificate. | ||||
| CVE-2020-10663 | 7 Apple, Debian, Fedoraproject and 4 more | 10 Macos, Debian Linux, Fedora and 7 more | 2024-08-04 | 7.5 High |
| The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent. | ||||
| CVE-2020-10008 | 1 Apple | 1 Macos | 2024-08-04 | 5.5 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.0.1. A malicious application with root privileges may be able to access private information. | ||||
| CVE-2020-9978 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-08-04 | 4.5 Medium |
| This issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An attacker in a privileged network position may be able to unexpectedly alter application state. | ||||
| CVE-2020-10005 | 1 Apple | 1 Macos | 2024-08-04 | 6.5 Medium |
| A resource exhaustion issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. An attacker in a privileged network position may be able to perform denial of service. | ||||
| CVE-2020-10014 | 1 Apple | 2 Mac Os X, Macos | 2024-08-04 | 6.3 Medium |
| A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to break out of its sandbox. | ||||
| CVE-2020-9962 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-08-04 | 7.8 High |
| A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
| CVE-2020-10012 | 1 Apple | 2 Mac Os X, Macos | 2024-08-04 | 6.1 Medium |
| An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted document may lead to a cross site scripting attack. | ||||
| CVE-2020-10015 | 1 Apple | 2 Mac Os X, Macos | 2024-08-04 | 7.8 High |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2020-10016 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-08-04 | 7.8 High |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. An application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2020-9965 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-08-04 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2020-9956 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-08-04 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted font file may lead to arbitrary code execution. | ||||
| CVE-2020-9971 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-08-04 | 7.8 High |
| A logic issue was addressed with improved validation. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. A malicious application may be able to elevate privileges. | ||||
| CVE-2020-9975 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-08-04 | 7.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2020-9967 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-08-04 | 7.8 High |
| Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2020-9960 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-08-04 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted audio file may lead to arbitrary code execution. | ||||
| CVE-2020-9972 | 1 Apple | 4 Ipad Os, Iphone Os, Macos and 1 more | 2024-08-04 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. | ||||
| CVE-2020-9955 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-08-04 | 7.8 High |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution. | ||||
| CVE-2020-9941 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-08-04 | 7.5 High |
| This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state. | ||||