101 matches found
CVE-2020-27927
CVE-2020-27927 is an Apple font-parsing vulnerability. The issue is described as an out-of-bounds write in the FontParser component that processes malicious font files, leading to arbitrary code execution. Affected platforms include macOS Big Sur 11.0.1 and iOS 14.2 / iPadOS 14.2, tvOS 14.2, and ...
CVE-2020-27925
CVE-2020-27925 affects CallKit in iOS 14.2 / iPadOS 14.2. An issue in handling incoming calls allowed a user to answer two calls simultaneously without indication. Root cause: inadequate state handling; fix implemented via additional state checks. Remediation: update to iOS 14.2 / iPadOS 14.2. CV...
CVE-2020-27909
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution...
CVE-2020-27905
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to execute arbitrary code with system privileges...
CVE-2020-27902
An authentication issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2. A person with physical access to an iOS device may be able to access stored passwords without authentication...
CVE-2020-27902
CVE-2020-27902 is an Apple iOS/iPadOS vulnerability describing an authentication issue where a user with physical access could access stored passwords without authentication. Apple fixed this issue in iOS 14.2 and iPadOS 14.2 by improving state management. The CVE appears under Keyboard in the Ap...
CVE-2020-10017
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution...
CVE-2020-10016
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. An application may be able to execute arbitrary code with kernel privileges...
CVE-2020-10011
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted USD file may lead to unexpected application terminati...
CVE-2020-10011
CVE-2020-10011: An out-of-bounds read vulnerability was fixed by improved bounds checking when processing a maliciously crafted USD file. Affected platforms include iOS 14.2, iPadOS 14.2, macOS Catalina 10.15.7, and Security Update 2020-005 for High Sierra and Mojave. Exploitation could lead to u...
CVE-2020-10003
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges...
CVE-2020-10004
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution...
CVE-2020-10004
CVE-2020-10004 is a logic-issue vulnerability fixed in Apple OS updates: macOS Big Sur 11.0.1, iOS 14.2, and iPadOS 14.2. The issue arises from improved state management and may allow an attacker to cause an application to terminate unexpectedly or execute arbitrary code when a maliciously crafte...
CVE-2020-10010
A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges...
CVE-2020-9974
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to determine kernel memory layout...
CVE-2020-27950
A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS...
PT-2020-16853 · Apple · Macos Catalina +7
Name of the Vulnerable Software and Affected Versions: macOS Big Sur versions prior to 11.1 macOS Catalina versions prior to Security Update 2020-001 macOS Mojave versions prior to Security Update 2020-007 iOS versions prior to 14.2 iPadOS versions prior to 14.2 watchOS versions prior to 7.1 tvOS...
PT-2020-20910 · Apple · Ipados +4
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.0.1 iOS versions prior to 14.2 iPadOS versions prior to 14.2 tvOS versions prior to 14.2 watchOS versions prior to 7.1 Description: A logic issue was addressed with improved state management. A malicious application...
Apple Security Update: iOS 14.2 and iPadOS 14.2
Apple recommends to install security update iOS 14.2 and iPadOS 14.2 on devices iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later...
Apple Security Update: iOS 14.2 and iPadOS 14.2
Apple recommends to install security update iOS 14.2 and iPadOS 14.2 on devices iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation...