Lucene search
K

101 matches found

CVE
CVE
added 2020/12/08 8:11 p.m.81 views

CVE-2020-27927

CVE-2020-27927 is an Apple font-parsing vulnerability. The issue is described as an out-of-bounds write in the FontParser component that processes malicious font files, leading to arbitrary code execution. Affected platforms include macOS Big Sur 11.0.1 and iOS 14.2 / iPadOS 14.2, tvOS 14.2, and ...

7.8CVSS7.4AI score0.01252EPSS
Exploits0References5Affected Software5
CVE
CVE
added 2020/12/08 8:10 p.m.63 views

CVE-2020-27925

CVE-2020-27925 affects CallKit in iOS 14.2 / iPadOS 14.2. An issue in handling incoming calls allowed a user to answer two calls simultaneously without indication. Root cause: inadequate state handling; fix implemented via additional state checks. Remediation: update to iOS 14.2 / iPadOS 14.2. CV...

5.5CVSS5.3AI score0.00268EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/12/08 8:9 p.m.21 views

CVE-2020-27909

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution...

7.9AI score0.02147EPSS
Exploits0References6
Cvelist
Cvelist
added 2020/12/08 8:9 p.m.23 views

CVE-2020-27905

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to execute arbitrary code with system privileges...

8AI score0.01273EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/12/08 8:8 p.m.17 views

CVE-2020-27902

An authentication issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2. A person with physical access to an iOS device may be able to access stored passwords without authentication...

4AI score0.00316EPSS
Exploits0References1
CVE
CVE
added 2020/12/08 8:8 p.m.53 views

CVE-2020-27902

CVE-2020-27902 is an Apple iOS/iPadOS vulnerability describing an authentication issue where a user with physical access could access stored passwords without authentication. Apple fixed this issue in iOS 14.2 and iPadOS 14.2 by improving state management. The CVE appears under Keyboard in the Ap...

4.6CVSS4.1AI score0.00316EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/12/08 8:6 p.m.22 views

CVE-2020-10017

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution...

7.9AI score0.01408EPSS
Exploits0References7
Cvelist
Cvelist
added 2020/12/08 8:3 p.m.22 views

CVE-2020-10016

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. An application may be able to execute arbitrary code with kernel privileges...

7.8AI score0.0162EPSS
Exploits0References7
Cvelist
Cvelist
added 2020/12/08 8:2 p.m.21 views

CVE-2020-10011

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted USD file may lead to unexpected application terminati...

7.5AI score0.01161EPSS
Exploits0References5
CVE
CVE
added 2020/12/08 8:2 p.m.73 views

CVE-2020-10011

CVE-2020-10011: An out-of-bounds read vulnerability was fixed by improved bounds checking when processing a maliciously crafted USD file. Affected platforms include iOS 14.2, iPadOS 14.2, macOS Catalina 10.15.7, and Security Update 2020-005 for High Sierra and Mojave. Exploitation could lead to u...

7.8CVSS7.3AI score0.01161EPSS
Exploits0References5Affected Software4
Cvelist
Cvelist
added 2020/12/08 8:2 p.m.24 views

CVE-2020-10003

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges...

6.9AI score0.0039EPSS
Exploits0References5
Cvelist
Cvelist
added 2020/12/08 8:2 p.m.19 views

CVE-2020-10004

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution...

7.8AI score0.0137EPSS
Exploits0References6
CVE
CVE
added 2020/12/08 8:2 p.m.77 views

CVE-2020-10004

CVE-2020-10004 is a logic-issue vulnerability fixed in Apple OS updates: macOS Big Sur 11.0.1, iOS 14.2, and iPadOS 14.2. The issue arises from improved state management and may allow an attacker to cause an application to terminate unexpectedly or execute arbitrary code when a maliciously crafte...

7.8CVSS7.7AI score0.0137EPSS
Exploits0References6Affected Software4
Cvelist
Cvelist
added 2020/12/08 8:1 p.m.22 views

CVE-2020-10010

A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges...

6.8AI score0.00445EPSS
Exploits0References7
Cvelist
Cvelist
added 2020/12/08 7:58 p.m.17 views

CVE-2020-9974

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to determine kernel memory layout...

5.4AI score0.01198EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2020/12/08 12:0 a.m.93 views

CVE-2020-27950

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS...

7.1CVSS5.5AI score0.1652EPSS
In wildExploits2References11
Positive Technologies
Positive Technologies
added 2020/11/12 12:0 a.m.3 views

PT-2020-16853 · Apple · Macos Catalina +7

Name of the Vulnerable Software and Affected Versions: macOS Big Sur versions prior to 11.1 macOS Catalina versions prior to Security Update 2020-001 macOS Mojave versions prior to Security Update 2020-007 iOS versions prior to 14.2 iPadOS versions prior to 14.2 watchOS versions prior to 7.1 tvOS...

8.8CVSS6.7AI score0.01295EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2020/11/12 12:0 a.m.4 views

PT-2020-20910 · Apple · Ipados +4

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.0.1 iOS versions prior to 14.2 iPadOS versions prior to 14.2 tvOS versions prior to 14.2 watchOS versions prior to 7.1 Description: A logic issue was addressed with improved state management. A malicious application...

5.5CVSS5.4AI score0.01198EPSS
Exploits0References14
Apple
Apple
added 2020/11/05 12:0 a.m.19 views

Apple Security Update: iOS 14.2 and iPadOS 14.2

Apple recommends to install security update iOS 14.2 and iPadOS 14.2 on devices iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later, and iPad mini 4 and later...

6.7AI score
Exploits0References2Affected Software2
Apple
Apple
added 2020/11/05 12:0 a.m.16 views

Apple Security Update: iOS 14.2 and iPadOS 14.2

Apple recommends to install security update iOS 14.2 and iPadOS 14.2 on devices iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation...

6.7AI score
Exploits0References2Affected Software2
Rows per page
Query Builder