Lucene search
K

162 matches found

Prion
Prion
added 2020/10/16 5:15 p.m.18 views

Code injection

A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the...

5CVSS5.7AI score0.01361EPSS
Exploits0References7Affected Software7
Prion
Prion
added 2020/10/16 5:15 p.m.28 views

Authentication flaw

Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able t...

6.5CVSS8.2AI score0.02163EPSS
Exploits1References7Affected Software7
Prion
Prion
added 2020/10/16 5:15 p.m.15 views

Buffer overflow

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution...

6.8CVSS8.2AI score0.01268EPSS
Exploits0References3Affected Software5
Prion
Prion
added 2020/10/16 5:15 p.m.17 views

Default credentials

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. A malicious attacker may cause Safari to suggest a password for the wrong domain...

5CVSS7.2AI score0.00501EPSS
Exploits0References2Affected Software3
Prion
Prion
added 2020/10/16 5:15 p.m.27 views

Memory corruption

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges...

9.3CVSS8AI score0.03738EPSS
Exploits0References2Affected Software3
Prion
Prion
added 2020/10/16 5:15 p.m.16 views

Design/Logic Flaw

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected...

7.5CVSS9.2AI score0.04138EPSS
Exploits0References7Affected Software7
Prion
Prion
added 2020/10/16 5:15 p.m.26 views

Design/Logic Flaw

A logic issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. An attacker with memory write capability may be able to bypass pointer authentication codes and run arbitrary code...

6.5CVSS7.5AI score0.01971EPSS
Exploits1References3Affected Software4
Prion
Prion
added 2020/10/16 5:15 p.m.20 views

Design/Logic Flaw

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations...

4.3CVSS6.4AI score0.01721EPSS
Exploits0References3Affected Software4
Prion
Prion
added 2020/10/16 5:15 p.m.15 views

Authorization

An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to read sensitive location information...

4.3CVSS4.5AI score0.0083EPSS
Exploits0References3Affected Software4
Prion
Prion
added 2020/10/16 5:15 p.m.14 views

Input validation

An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An attacker in a privileged network position may be able to perform denial of service attack using malformed Bluetooth packets...

5CVSS6.8AI score0.01221EPSS
Exploits0References2Affected Software3
Prion
Prion
added 2020/10/16 5:15 p.m.27 views

Cross site scripting

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal...

4.3CVSS6.3AI score0.01121EPSS
Exploits0References7Affected Software7
Prion
Prion
added 2020/10/16 5:15 p.m.14 views

Design/Logic Flaw

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy...

5CVSS7AI score0.01443EPSS
Exploits0References2Affected Software3
Prion
Prion
added 2020/10/16 5:15 p.m.17 views

Memory corruption

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, watchOS 6.2.8. A malicious application may be able to execute arbitrary code with system privileges...

9.3CVSS8.2AI score0.01178EPSS
Exploits0References2Affected Software3
Prion
Prion
added 2020/10/16 5:15 p.m.17 views

Design/Logic Flaw

An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group could rejoin the group...

4.3CVSS6.1AI score0.0044EPSS
Exploits0References4Affected Software5
Prion
Prion
added 2020/10/16 5:15 p.m.29 views

Command injection

A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web...

6.8CVSS7.9AI score0.01736EPSS
Exploits0References7Affected Software7
Prion
Prion
added 2020/10/16 5:15 p.m.20 views

Cross site scripting

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution...

6.8CVSS7.9AI score0.01153EPSS
Exploits0References4Affected Software5
Cvelist
Cvelist
added 2020/10/16 4:51 p.m.18 views

CVE-2020-9936

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...

8.3AI score0.01268EPSS
Exploits0References7
Cvelist
Cvelist
added 2020/10/16 4:51 p.m.28 views

CVE-2020-9934

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information...

5.2AI score0.03208EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/10/16 4:50 p.m.24 views

CVE-2020-9933

An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to read sensitive location information...

4.8AI score0.0083EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/10/16 4:50 p.m.21 views

CVE-2020-9931

A denial of service issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6. A remote attacker may cause an unexpected application termination...

7AI score0.01568EPSS
Exploits0References1
Rows per page
Query Builder