Lucene search
+L

162 matches found

cve
cve
added 2020/10/16 4:49 p.m.314 views

CVE-2020-9925

CVE-2020-9925 concerns a logic issue in WebKit that affects Safari/WebKit components across Apple platforms. The vulnerability could allow universal cross-site scripting when processing malicious web content. Apple patched this by updating to iOS 13.6/iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safa...

6.1CVSS6.4AI score0.01135EPSS
Exploits0References7Affected Software7
cvelist
cvelist
added 2020/10/16 4:49 p.m.27 views

CVE-2020-9925

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal...

6.6AI score0.01135EPSS
Exploits0References7
debiancve
debiancve
added 2020/10/16 4:49 p.m.42 views

CVE-2020-9925

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal...

6.1CVSS5.7AI score0.01135EPSS
Exploits0
alpinelinux
alpinelinux
added 2020/10/16 4:49 p.m.41 views

CVE-2020-9925

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal...

6.1CVSS6.8AI score0.01135EPSS
Exploits0
cvelist
cvelist
added 2020/10/16 4:49 p.m.20 views

CVE-2020-9923

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, watchOS 6.2.8. A malicious application may be able to execute arbitrary code with system privileges...

8.3AI score0.0123EPSS
Exploits0References2
cvelist
cvelist
added 2020/10/16 4:48 p.m.24 views

CVE-2020-9917

This issue was addressed with improved checks. This issue is fixed in iOS 13.6 and iPadOS 13.6. A remote attacker may be able to cause a denial of service...

6.8AI score0.01587EPSS
Exploits0References1
cvelist
cvelist
added 2020/10/16 4:47 p.m.25 views

CVE-2020-9916

A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the...

5.9AI score0.01377EPSS
Exploits0References7
debiancve
debiancve
added 2020/10/16 4:47 p.m.25 views

CVE-2020-9915

An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing...

6.5CVSS6AI score0.01444EPSS
Exploits0
cvelist
cvelist
added 2020/10/16 4:46 p.m.26 views

CVE-2020-9914

An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An attacker in a privileged network position may be able to perform denial of service attack using malformed Bluetooth packets...

7.1AI score0.01236EPSS
Exploits0References2
cve
cve
added 2020/10/16 4:44 p.m.75 views

CVE-2020-9911

CVE-2020-9911 is a logic issue in Safari Reader mode that could allow a remote attacker to bypass the Same Origin Policy. Apple fixes indicate the issue is addressed in iOS 13.6, iPadOS 13.6, and Safari 13.1.2. The initial description confirms a Same Origin bypass risk in Safari Reader; connected...

7.5CVSS7.2AI score0.0146EPSS
Exploits0References2Affected Software3
cvelist
cvelist
added 2020/10/16 4:44 p.m.24 views

CVE-2020-9911

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy...

7.4AI score0.0146EPSS
Exploits0References2
cve
cve
added 2020/10/16 4:44 p.m.154 views

CVE-2020-9910

CVE-2020-9910 is a WebKit-related vulnerability that allowed a malicious attacker with arbitrary read and write capability to bypass Pointer Authentication. Apple's security updates indicate this issue affects iOS/iPadOS (13.6), tvOS (13.4.8), watchOS (6.2.8), Safari (13.1.2), and corresponding W...

8.8CVSS8.1AI score0.0219EPSS
Exploits1References7Affected Software7
cvelist
cvelist
added 2020/10/16 4:43 p.m.33 views

CVE-2020-9909

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations...

6.6AI score0.01796EPSS
Exploits0References3
cve
cve
added 2020/10/16 4:43 p.m.80 views

CVE-2020-9909

CVE-2020-9909 represents an Apple kernel vulnerability: an out-of-bounds read fixed in iOS 13.6 / iPadOS 13.6 / tvOS 13.4.8 / watchOS 6.2.8. Root cause: improved bounds checking in the Kernel component; impact: an attacker who already has kernel code execution could potentially bypass kernel memo...

5.9CVSS6.4AI score0.01796EPSS
Exploits0References3Affected Software4
vulnrichment
vulnrichment
added 2020/10/16 4:43 p.m.8 views

CVE-2020-9907

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges...

7.5AI score0.03899EPSS
Exploits0References2
cvelist
cvelist
added 2020/10/16 4:43 p.m.27 views

CVE-2020-9907

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges...

8.1AI score0.03899EPSS
Exploits0References2
cvelist
cvelist
added 2020/10/16 4:42 p.m.28 views

CVE-2020-9903

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. A malicious attacker may cause Safari to suggest a password for the wrong domain...

7.5AI score0.00507EPSS
Exploits0References2
cvelist
cvelist
added 2020/10/16 4:40 p.m.16 views

CVE-2020-9895

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected...

9.3AI score0.04316EPSS
Exploits0References7
debiancve
debiancve
added 2020/10/16 4:40 p.m.32 views

CVE-2020-9895

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected...

9.8CVSS7.5AI score0.04316EPSS
Exploits0
alpinelinux
alpinelinux
added 2020/10/16 4:40 p.m.35 views

CVE-2020-9895

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected...

9.8CVSS9.4AI score0.04316EPSS
Exploits0
Rows per page
Query Builder