CVE-2020-9947

CVE-2020-9947 is a use-after-free vulnerability in memory management related to WebKit/Safari on Apple platforms. The advisory states that processing malicious web content may lead to arbitrary code execution. Fixed in watchOS 7.0, iOS 14.0 / iPadOS 14.0, tvOS 14.0, Safari 14.0, and corresponding...

CVE-2020-9947

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution...

CVE-2020-9947

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution...

CVE-2020-9966

CVE-2020-9966 is an out-of-bounds read issue that Apple fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0, and iPadOS 14.0. The underlying vulnerability stemmed from improper input validation, and Apple notes that an application may be able to execute arbitrary code with kernel priv...

CVE-2020-9966

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges...

CVE-2020-9950

CVE-2020-9950: A use-after-free issue addressed in WebKit that affects Apple platforms. According to the initial record, the vulnerability could be triggered by processing malicious web content and may lead to arbitrary code execution. Affected products/contexts include watchOS 7.0, tvOS 14.0, Sa...

CVE-2020-9950

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, tvOS 14.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Processing maliciously crafted web content may lead to arbitrary code execution...

CVE-2020-9954

CVE-2020-9954 affects Apple media components across iOS/iPadOS 14, watchOS 7.0, tvOS 14 and macOS Catalina 10.15.7. The root cause is a buffer/memory handling issue in CoreAudio: Playing a malicious audio file may lead to arbitrary code execution. The vulnerability is addressed by updates on the ...

CVE-2020-9849

CVE-2020-9849 affects Apple platforms including macOS Big Sur 11.0.1, iOS/iPadOS 14.0, watchOS 7.0, tvOS 14.0, and related Windows components. The issue is described as an information disclosure due to improved state management that may allow memory leakage. Remediation is to update to the listed...

CVE-2020-9849

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0. A remote attacker may be able to leak memory...

CVE-2020-9944

CVE-2020-9944: An out-of-bounds read in certain Apple media components was addressed by improved bounds checking. Affected: macOS Big Sur 11.0.1 and prior; affected watchOS 7.0, tvOS 14.0, iOS 14.0, and iPadOS 14.0. Impact (as stated): an application may be able to read restricted memory. Public ...

CVE-2020-9944

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to read restricted memory...

PT-2020-20926 · Apple · Safari +3

Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 7.0 Safari versions prior to 14.0 iOS versions prior to 14.0 iPadOS versions prior to 14.0 Description: The issue may lead to address bar spoofing when visiting a malicious website. It was addressed with improved UI...

CVE-2020-27950

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS...

CVE-2020-9952

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack...

Unspecified Vulnerability in Various Apple Products (CNVD-2020-67608)

Apple watchOS is an operating system for smartwatches.Apple iPadOS is an operating system for iPad tablets.Apple macOS Catalina is a specialized operating system developed for Mac computers. A security vulnerability exists in a number of Apple products that stems from the fact that spaced-drop...

CVE-2020-9952

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack...

PT-2020-11855 · Apple · Macos High Sierra +5

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 14.2 iPadOS versions prior to 14.2 macOS Catalina versions prior to 10.15.7 macOS High Sierra versions prior to Security Update 2020-005 macOS Mojave versions prior to Security Update 2020-005 Description: An out-of-boun...

PT-2020-20903 · Apple · Ipados +4

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.0.1 watchOS versions prior to 7.0 tvOS versions prior to 14.0 iOS versions prior to 14.0 iPadOS versions prior to 14.0 Description: An out-of-bounds read issue was addressed with improved input validation, which may...

PT-2020-20928 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.0.1 iOS versions prior to 14.0 iPadOS versions prior to 14.0 Description: A use after free issue was addressed with improved memory management, which may allow a malicious application to elevate privileges...