Total
4068 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-3887 | 1 Apple | 6 Icloud, Ipad Os, Iphone Os and 3 more | 2020-04-03 | 4.3 MEDIUM | 4.3 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated. | |||||
| CVE-2020-9781 | 1 Apple | 2 Ipados, Iphone Os | 2020-04-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| The issue was addressed by clearing website permission prompts after navigation. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user may grant website permissions to a site they didn't intend to. | |||||
| CVE-2020-3914 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2020-04-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. An application may be able to read restricted memory. | |||||
| CVE-2020-3911 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2020-04-02 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. | |||||
| CVE-2020-9783 | 1 Apple | 6 Icloud, Ipados, Iphone Os and 3 more | 2020-04-02 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to code execution. | |||||
| CVE-2020-3910 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2020-04-02 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2. | |||||
| CVE-2020-9768 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2020-04-02 | 9.3 HIGH | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2019-8741 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2020-04-01 | 7.8 HIGH | 7.5 HIGH |
| A denial of service issue was addressed with improved input validation. | |||||
| CVE-2020-3875 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2020-03-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to read restricted memory. | |||||
| CVE-2020-3870 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2020-03-03 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2020-3853 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2020-03-03 | 9.3 HIGH | 7.8 HIGH |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2020-3829 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2020-03-02 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to gain elevated privileges. | |||||
| CVE-2020-3826 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2020-03-02 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2020-3831 | 1 Apple | 2 Ipados, Iphone Os | 2020-03-02 | 7.6 HIGH | 7.0 HIGH |
| A race condition was addressed with improved locking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-3869 | 1 Apple | 2 Ipados, Iphone Os | 2020-03-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue existed in the handling of the local user's self-view. The issue was corrected with improved logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A remote FaceTime user may be able to cause the local user's camera self-view to display the incorrect camera. | |||||
| CVE-2019-8641 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2020-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds read was addressed with improved input validation. | |||||
| CVE-2014-8128 | 2 Apple, Libtiff | 3 Iphone Os, Mac Os X, Libtiff | 2020-02-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image. | |||||
| CVE-2017-2371 | 1 Apple | 1 Iphone Os | 2020-01-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "WebKit" component, which allows remote attackers to launch popups via a crafted web site. | |||||
| CVE-2016-4764 | 1 Apple | 4 Iphone Os, Itunes, Safari and 1 more | 2020-01-23 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in certain Apple products. iOS before 10 is affected. Safari before 10 is affected. iTunes before 12.5.1 is affected. tvOS before 10 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | |||||
| CVE-2018-4386 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2020-01-08 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | |||||