Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Macos Security Vulnerabilities - July

cve
cve

CVE-2020-29616

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS

7.7AI Score

0.001EPSS

2021-04-02 06:15 PM
43
2
cve
cve

CVE-2020-29617

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may le...

7.8CVSS

7AI Score

0.001EPSS

2021-04-02 06:15 PM
57
3
cve
cve

CVE-2020-29618

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may le...

7.8CVSS

7.7AI Score

0.001EPSS

2021-04-02 06:15 PM
65
2
cve
cve

CVE-2020-29619

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may le...

7.8CVSS

7AI Score

0.001EPSS

2021-04-02 06:15 PM
58
cve
cve

CVE-2020-29620

This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to elevate privileges.

7.8CVSS

6.6AI Score

0.001EPSS

2021-04-02 06:15 PM
40
cve
cve

CVE-2020-29621

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to bypass Privacy preferences.

5.5CVSS

5.2AI Score

0.0004EPSS

2021-04-02 06:15 PM
39
4
cve
cve

CVE-2020-29622

A race condition was addressed with additional validation. This issue is fixed in Security Update 2021-005 Catalina. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges.

7.5CVSS

7.4AI Score

0.002EPSS

2021-10-19 02:15 PM
43
cve
cve

CVE-2020-29623

"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. A user may be unable to fully delete b...

3.3CVSS

4.9AI Score

0.0005EPSS

2021-04-02 06:15 PM
242
2
cve
cve

CVE-2020-29624

A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a m...

7.8CVSS

7.9AI Score

0.001EPSS

2021-04-02 06:15 PM
49
2
cve
cve

CVE-2020-29625

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS

7.4AI Score

0.001EPSS

2021-04-02 06:15 PM
43
2
cve
cve

CVE-2020-29629

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to read restricted memory.

5.5CVSS

5.5AI Score

0.001EPSS

2021-10-28 07:15 PM
47
cve
cve

CVE-2020-29633

An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. An attacker in a privileged ne...

8.8CVSS

7AI Score

0.002EPSS

2021-04-02 06:15 PM
63
2
cve
cve

CVE-2020-36221

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).

7.5CVSS

7.4AI Score

0.049EPSS

2021-01-26 06:15 PM
196
10
cve
cve

CVE-2020-36222

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.

7.5CVSS

7.3AI Score

0.039EPSS

2021-01-26 06:15 PM
196
11
cve
cve

CVE-2020-36223

A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).

7.5CVSS

7.3AI Score

0.01EPSS

2021-01-26 06:15 PM
206
12
cve
cve

CVE-2020-36224

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

7.5CVSS

7.4AI Score

0.013EPSS

2021-01-26 06:15 PM
210
13
cve
cve

CVE-2020-36225

A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

7.5CVSS

7.3AI Score

0.013EPSS

2021-01-26 06:15 PM
198
12
cve
cve

CVE-2020-36226

A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.

7.5CVSS

7.3AI Score

0.004EPSS

2021-01-26 06:15 PM
213
11
cve
cve

CVE-2020-36227

A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.

7.5CVSS

7.3AI Score

0.069EPSS

2021-01-26 06:15 PM
198
7
cve
cve

CVE-2020-36228

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.

7.5CVSS

7.3AI Score

0.095EPSS

2021-01-26 06:15 PM
193
10
cve
cve

CVE-2020-36229

A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.

7.5CVSS

7.3AI Score

0.048EPSS

2021-01-26 06:15 PM
213
9
cve
cve

CVE-2020-36230

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.

7.5CVSS

7.4AI Score

0.007EPSS

2021-01-26 06:15 PM
226
7
cve
cve

CVE-2020-36521

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or po...

7.1CVSS

6.3AI Score

0.001EPSS

2022-09-23 07:15 PM
50
14
cve
cve

CVE-2020-36615

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted font may lead to arbitrary code execution.

7.8CVSS

7.1AI Score

0.001EPSS

2023-08-14 11:15 PM
32
cve
cve

CVE-2020-3826

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lead ...

7.8CVSS

7.7AI Score

0.001EPSS

2020-02-27 09:15 PM
81
cve
cve

CVE-2020-3827

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. Viewing a maliciously crafted JPEG file may lead to arbitrary code execution.

7.8CVSS

8.4AI Score

0.001EPSS

2020-02-27 09:15 PM
51
cve
cve

CVE-2020-3829

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to gain elevated privileges.

7.8CVSS

7AI Score

0.002EPSS

2020-02-27 09:15 PM
113
cve
cve

CVE-2020-3830

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be able to overwrite arbitrary files.

3.3CVSS

5.1AI Score

0.0004EPSS

2020-02-27 09:15 PM
80
cve
cve

CVE-2020-3835

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be able to access restricted files.

4.4CVSS

5.2AI Score

0.0004EPSS

2020-02-27 09:15 PM
45
cve
cve

CVE-2020-3836

An access issue was addressed with improved memory management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to determine kernel memory layout.

5.5CVSS

5.2AI Score

0.0004EPSS

2020-02-27 09:15 PM
72
cve
cve

CVE-2020-3837

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS

7.5AI Score

0.001EPSS

2020-02-27 09:15 PM
769
In Wild
2
cve
cve

CVE-2020-3838

The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.

7.8CVSS

8AI Score

0.001EPSS

2020-02-27 09:15 PM
77
cve
cve

CVE-2020-3839

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.3. An application may be able to read restricted memory.

5.5CVSS

5.2AI Score

0.0004EPSS

2020-02-27 09:15 PM
48
cve
cve

CVE-2020-3840

An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1. Loading a maliciously crafted racoon configuration file may lead to arbitra...

7.8CVSS

7.4AI Score

0.002EPSS

2020-02-27 09:15 PM
109
cve
cve

CVE-2020-3842

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS

7.7AI Score

0.002EPSS

2020-02-27 09:15 PM
99
cve
cve

CVE-2020-3845

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3. An application may be able to execute arbitrary code with system privileges.

7.8CVSS

7.9AI Score

0.001EPSS

2020-02-27 09:15 PM
57
cve
cve

CVE-2020-3846

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted XML may lead to an une...

8.8CVSS

8AI Score

0.006EPSS

2020-02-27 09:15 PM
74
cve
cve

CVE-2020-3847

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to leak memory.

9.8CVSS

7.9AI Score

0.01EPSS

2020-04-01 07:15 PM
47
cve
cve

CVE-2020-3848

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8CVSS

9.1AI Score

0.011EPSS

2020-04-01 07:15 PM
56
cve
cve

CVE-2020-3849

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8CVSS

9.1AI Score

0.011EPSS

2020-04-01 07:15 PM
49
cve
cve

CVE-2020-3850

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

9.8CVSS

9.1AI Score

0.011EPSS

2020-04-01 07:15 PM
47
2
cve
cve

CVE-2020-3851

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application m...

7.8CVSS

7.4AI Score

0.001EPSS

2020-10-27 09:15 PM
53
cve
cve

CVE-2020-3853

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to execute arbitrary code with system privileges.

7.8CVSS

7.6AI Score

0.002EPSS

2020-02-27 09:15 PM
66
cve
cve

CVE-2020-3854

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3. An application may be able to execute arbitrary code with system privileges.

7.8CVSS

7.9AI Score

0.001EPSS

2020-02-27 09:15 PM
54
cve
cve

CVE-2020-3855

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. A malicious application may be able to overwrite arbitrary files.

7.1CVSS

6.6AI Score

0.001EPSS

2020-10-27 09:15 PM
54
cve
cve

CVE-2020-3856

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted string may lead to heap corruption.

7.8CVSS

7.2AI Score

0.002EPSS

2020-02-27 09:15 PM
71
cve
cve

CVE-2020-3857

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.

7.8CVSS

7.6AI Score

0.0004EPSS

2020-02-27 09:15 PM
76
cve
cve

CVE-2020-3863

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to execute arbitrary code with system privileges.

7.8CVSS

8.3AI Score

0.001EPSS

2020-10-27 09:15 PM
50
cve
cve

CVE-2020-3866

This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Catalina 10.15.3. Searching for and opening a file from an attacker controlled NFS mount may bypass Gatekeeper.

5.5CVSS

6.1AI Score

0.001EPSS

2020-02-27 09:15 PM
79
cve
cve

CVE-2020-3870

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS

7.6AI Score

0.002EPSS

2020-02-27 09:15 PM
91
Total number of security vulnerabilities2282