Lucene search
K

138 matches found

Prion
Prion
added 2020/04/01 6:15 p.m.20 views

Code injection

This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2. An application may be able to use an SSH client provided by private frameworks...

2.1CVSS6AI score0.00308EPSS
Exploits0References3Affected Software4
Prion
Prion
added 2020/04/01 6:15 p.m.16 views

Design/Logic Flaw

The issue was addressed by clearing website permission prompts after navigation. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user may grant website permissions to a site they didn't intend to...

5CVSS5.4AI score0.00762EPSS
Exploits0References1Affected Software2
UbuntuCve
UbuntuCve
added 2020/04/01 6:15 p.m.44 views

CVE-2020-3900

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to...

8.8CVSS6.9AI score0.01852EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/04/01 6:15 p.m.37 views

CVE-2020-3885

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed...

4.3CVSS6.9AI score0.01665EPSS
Exploits0References1
Prion
Prion
added 2020/04/01 6:15 p.m.23 views

Code injection

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4. An attacker in a privileged network position may be able to intercept Bluetooth traffic...

4CVSS5.3AI score0.01188EPSS
Exploits0References1Affected Software2
UbuntuCve
UbuntuCve
added 2020/04/01 6:15 p.m.36 views

CVE-2020-3894

A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory...

3.1CVSS6.7AI score0.01107EPSS
Exploits2References1
UbuntuCve
UbuntuCve
added 2020/04/01 6:15 p.m.52 views

CVE-2020-3902

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site...

6.1CVSS6.6AI score0.01124EPSS
Exploits0References1
Prion
Prion
added 2020/04/01 6:15 p.m.21 views

Cross site scripting

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site...

4.3CVSS6.4AI score0.01124EPSS
Exploits0References6Affected Software6
UbuntuCve
UbuntuCve
added 2020/04/01 6:15 p.m.59 views

CVE-2020-3901

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrar...

8.8CVSS6.8AI score0.01846EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/01 5:57 p.m.24 views

CVE-2020-9785

Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges...

8.3AI score0.01283EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/04/01 5:57 p.m.20 views

CVE-2020-9783

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to code execution...

8.8AI score0.01291EPSS
Exploits0References6
Cvelist
Cvelist
added 2020/04/01 5:57 p.m.29 views

CVE-2020-9780

The issue was resolved by clearing application previews when content is deleted. This issue is fixed in iOS 13.4 and iPadOS 13.4. A local user may be able to view deleted content in the app switcher...

4.4AI score0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/01 5:56 p.m.24 views

CVE-2020-9781

The issue was addressed by clearing website permission prompts after navigation. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user may grant website permissions to a site they didn't intend to...

5.5AI score0.00762EPSS
Exploits0References1
CVE
CVE
added 2020/04/01 5:56 p.m.61 views

CVE-2020-9781

CVE-2020-9781 affects Safari on iOS/iPadOS. Issue: a user may grant website permissions to a site they didn’t intend due to prompt handling; root cause relates to permission prompts not being cleared properly after navigation. Impact stated as potential unintended permission grants; exploits not ...

5.3CVSS5.8AI score0.00762EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/04/01 5:55 p.m.27 views

CVE-2020-9770

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4. An attacker in a privileged network position may be able to intercept Bluetooth traffic...

5.5AI score0.01188EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/01 5:55 p.m.32 views

CVE-2020-9777

An issue existed in the selection of video file by Mail. The issue was fixed by selecting the latest version of a video. This issue is fixed in iOS 13.4 and iPadOS 13.4. Cropped videos may not be shared properly via Mail...

5.7AI score0.00802EPSS
Exploits0References1
CVE
CVE
added 2020/04/01 5:55 p.m.95 views

CVE-2020-9777

CVE-2020-9777 affects Apple’s Mail Attachments component in iOS/iPadOS. The issue is described as a problem in the selection of video files by Mail, which could cause cropped videos to be shared improperly. The vulnerability is addressed by Apple in iOS 13.4 and iPadOS 13.4, where the fix involve...

5.3CVSS6AI score0.00802EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/04/01 5:55 p.m.28 views

CVE-2020-9775

An issue existed in the handling of tabs displaying picture in picture video. The issue was corrected with improved state handling. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user's private browsing activity may be unexpectedly saved in Screen Time...

6.2AI score0.00858EPSS
Exploits0References2
CVE
CVE
added 2020/04/01 5:55 p.m.69 views

CVE-2020-9775

CVE-2020-9775 affects Safari on iOS/iPadOS; root cause: incorrect handling of tabs displaying picture-in-picture video, leading to potentially exposing a user’s private browsing activity to Screen Time. Apple fixed this in iOS 13.4 and iPadOS 13.4 via improved state handling; remediation is to up...

5.3CVSS5.7AI score0.00858EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2020/04/01 5:55 p.m.69 views

CVE-2020-9768

CVE-2020-9768 is a use-after-free vulnerability in Apple’s Image Processing component that affects iOS 13.4 and iPadOS 13.4 (and related platforms tvOS 13.4, watchOS 6.2). The issue allows an application to execute arbitrary code with system privileges due to memory handling deficiencies; Apple n...

9.3CVSS7.9AI score0.01279EPSS
Exploits0References3Affected Software4
Rows per page
Query Builder