CVE-2020-9937

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...

CVE-2020-9980

CVE-2020-9980 is an out-of-bounds write vulnerability in FontParser that could allow arbitrary code execution when parsing a malicious font file. The connected Apple advisories show affected components across multiple Apple platforms (macOS, iOS/iPadOS, tvOS, watchOS) and specify the fix in iOS 1...

CVE-2020-9980

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted font file may lead to arbitrary code execution...

CVE-2020-9902

CVE-2020-9902 is an out-of-bounds read vulnerability in Apple’s kernel component that could allow a malicious app to determine the kernel memory layout. The issue is fixed in iOS 13.6, iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, and watchOS 6.2.8. Connected Apple advisories cite kernel memo...

CVE-2020-9905

The CVE-2020-9905 entry describes a buffer overflow fixed by improved bounds checking. The vulnerability affected Apple platforms and could enable a remote attacker to cause a denial of service. Remediation is available in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, and tvOS 13.4.8. The con...

CVE-2020-9905

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A remote attacker may be able to cause a denial of service...

CVE-2020-9879

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...

CVE-2020-9880

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution...

CVE-2020-9872

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...

CVE-2020-9876

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Opening a maliciously crafted PDF file may...

CVE-2020-9874

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...

CVE-2020-9871

CVE-2020-9871: An out-of-bounds write in ImageIO (openEXR handling) may allow arbitrary code execution when processing a malicious image. Affected products include Apple OSes and related apps; Apple’s mitigations are in security updates. Remediation: patch in iOS 13.6/iPadOS 13.6, macOS Catalina ...

SUSE-SU-2020:3003-1 Security update for mercurial

This update for mercurial fixes the following issues: Security issue fixed: - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035...

SUSE-SU-2020:2999-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel RT was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause bsc1176423. - CVE-2020-0427: Fixed an out of bounds read due to a use after free...

PT-2020-20854 · Apple · Ios +3

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.6 iPadOS versions prior to 13.6 macOS Catalina versions prior to 10.15.6 tvOS versions prior to 13.4.8 Description: A buffer overflow issue was addressed through improved bounds checking, which could allow a remote...

PT-2020-20831 · Apple · Macos Catalina +4

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.6 iPadOS versions prior to 13.6 macOS Catalina versions prior to 10.15.6 tvOS versions prior to 13.4.8 watchOS versions prior to 6.2.8 Description: A buffer overflow issue was addressed with improved bounds checking...

Updated kernel packages fix security vulnerabilities

A flaw was found in the way the Linux kernel Bluetooth implementation handled L2CAP packets with A2MP CID. A remote attacker in adjacent range could use this flaw to crash the system causing denial of service or potentially execute arbitrary code on the system by sending a specially crafted L2CAP...

EulerOS Virtualization 3.0.2.2 : ruby (EulerOS-SA-2020-2219)

According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch...

WordPress Plugin HS Brand Logo Slider 2.1 - 'logoupload' File Upload

Exploit Title: WordPress Plugin HS Brand Logo Slider 2.1 - 'logoupload' File Upload Date: 2020-10-20 Exploit Author: Net-Hunter Google Dork: N/A Software Link: https://ms.wordpress.org/plugins/hs-brand-logo-slider/ Vendor Homepage: https://www.heliossolutions.co/ Tested on: Linux Apache / Wordpre...

Insecure Access Control

overlayfs uses insecure access control. Insufficient permission checking when copying up files in an overlayfs. An attacker is able to exploit the vulnerability to obtain read access to files on the system. that they would not normally be permitted to access...