Memory corruption

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to...

CVE-2020-3853

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to execute arbitrary code with system privileges...

CVE-2020-3860

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges...

CVE-2020-3870

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2020-3874

An issued existed in the naming of screenshots. The issue was corrected with improved naming. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Screenshots of the Messages app may reveal additional message content...

CVE-2020-3875

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to read restricted memory...

CVE-2020-3872

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to read restricted memory...

CVE-2020-3872

CVE-2020-3872 is a memory initialization issue in Apple platforms causing an application to read restricted memory. It is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, and watchOS 6.1.2. Affected components are kernel/memory handling across Apple OS releases; remedia...

CVE-2020-3873

CVE-2020-3873 is an Apple iOS/iPadOS vulnerability affecting the Mail component, tied to improper propagation of settings for loading remote content in messages. The issue could affect how mail previews handle remote content loading. It is addressed with a fix in iOS 13.3.1 and iPadOS 13.3.1, wit...

CVE-2020-3874

The CVE-2020-3874 entry concerns an issue in the naming of Screenshots within Messages on iOS/iPadOS. According to the Apple security content, an issue allowed Screenshots to reveal additional message content, and this was fixed in iOS 13.3.1 / iPadOS 13.3.1. The core problem is described as a mi...

CVE-2020-3875

CVE-2020-3875Fixes a validation issue addressed by improved input sanitization. Affects Apple platforms including iOS/iPadOS, macOS Catalina, tvOS, watchOS, and kernel components where an application may read restricted memory. Public details indicate the vulnerability is mitigated by updates to ...

CVE-2020-3869

CVE-2020-3869 describes an issue in the handling of the local user’s self-view in FaceTime on Apple devices. The root cause is a logic flaw that could cause the local user’s camera self-view to show an incorrect camera when a remote FaceTime user is involved. Impact stated by sources: a remote Fa...

CVE-2020-3856

CVE-2020-3856: Memory corruption in Apple’s libxpc (and related components) is triggered by processing a malicious string, leading to heap corruption. Public notes specify affected platforms include iOS/iPadOS, macOS, tvOS, and watchOS, with the issue addressed by input validation improvements. R...

CVE-2020-3858

CVE-2020-3858 involves a memory corruption issue in Apple iOS/iPadOS components that could allow an application to execute arbitrary code with kernel privileges. Apple’s advisory (HT210918) lists affected areas including Kernel, IOAcceleratorFamily, and IOUSBDeviceFamily, with fixes applied in iO...

CVE-2020-3869

An issue existed in the handling of the local user's self-view. The issue was corrected with improved logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A remote FaceTime user may be able to cause the local user's camera self-view to display the incorrect camera...

CVE-2020-3865

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to...

CVE-2020-3878

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to...

CVE-2020-3865

CVE-2020-3865 is a WebKit-related memory-corruption issue that affects WebKit and WebKitGTK/WebKitGTK4 components. The initial entry notes memory corruption issues addressed by improved memory handling and fixes in iOS 13.3.1/iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, and related Windows/macOS co...

CVE-2020-3856

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted string may lead to heap corruption...

CVE-2020-3846

CVE-2020-3846 is a buffer overflow vulnerability described as being mitigated by improved size validation. Public details in the provided documents indicate Apple platforms are affected, including iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows...