Lucene search

K

34 matches found

CVE
CVE
added 2020/02/27 9:15 p.m.929 views

CVE-2020-3837

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.5AI score0.10375EPSS
CVE
CVE
added 2020/02/24 2:15 p.m.359 views

CVE-2019-20044

In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().

7.8CVSS7.8AI score0.00091EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.315 views

CVE-2020-3868

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbit...

9.3CVSS8.6AI score0.00261EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.298 views

CVE-2020-3843

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4.7, watchOS 5.3.7. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

9.3CVSS7.4AI score0.01654EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.267 views

CVE-2020-3867

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scri...

6.1CVSS6.2AI score0.00312EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.257 views

CVE-2020-3865

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbit...

8.8CVSS8.6AI score0.00387EPSS
CVE
CVE
added 2020/02/05 5:15 p.m.253 views

CVE-2019-15126

An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a di...

3.1CVSS6.2AI score0.07993EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.224 views

CVE-2020-3862

A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service.

6.5CVSS6.3AI score0.00183EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.136 views

CVE-2020-3878

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to a...

7.8CVSS7.7AI score0.00616EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.131 views

CVE-2020-3829

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to gain elevated privileges.

9.3CVSS7AI score0.00299EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.130 views

CVE-2020-3825

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbit...

8.8CVSS8.5AI score0.00588EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.125 views

CVE-2020-3840

An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1. Loading a maliciously crafted racoon configuration file may lead to arbitra...

7.8CVSS7.4AI score0.00469EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.113 views

CVE-2020-3842

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.7AI score0.00414EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.107 views

CVE-2020-3870

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution.

7.8CVSS7.6AI score0.00613EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.102 views

CVE-2020-3841

The issue was addressed with improved UI handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, Safari 13.0.5. A local user may unknowingly send a password unencrypted over the network.

6.5CVSS5.9AI score0.00139EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.96 views

CVE-2020-3826

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lead ...

7.8CVSS7.7AI score0.00504EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.96 views

CVE-2020-3838

The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.

9.3CVSS8AI score0.00399EPSS
CVE
CVE
added 2020/02/28 2:15 p.m.94 views

CVE-2019-8741

A denial of service issue was addressed with improved input validation.

7.8CVSS7.8AI score0.01512EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.93 views

CVE-2020-3846

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted XML may lead to an une...

8.8CVSS8AI score0.00773EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.92 views

CVE-2020-3857

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.

7.8CVSS7.6AI score0.00226EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.88 views

CVE-2020-3856

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted string may lead to heap corruption.

9.3CVSS7.2AI score0.00352EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.88 views

CVE-2020-3860

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

7.8CVSS7.5AI score0.00131EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.85 views

CVE-2020-3836

An access issue was addressed with improved memory management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to determine kernel memory layout.

5.5CVSS5.2AI score0.00134EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.84 views

CVE-2020-3872

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to read restricted memory.

5.5CVSS5.1AI score0.00325EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.81 views

CVE-2020-3853

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to execute arbitrary code with system privileges.

9.3CVSS7.6AI score0.00414EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.76 views

CVE-2020-3859

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.

2.4CVSS3.5AI score0.00154EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.76 views

CVE-2020-3874

An issued existed in the naming of screenshots. The issue was corrected with improved naming. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Screenshots of the Messages app may reveal additional message content.

5.3CVSS5.4AI score0.00363EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.75 views

CVE-2020-3828

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.

2.4CVSS3.2AI score0.00154EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.71 views

CVE-2020-3875

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to read restricted memory.

5.5CVSS5.3AI score0.00325EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.70 views

CVE-2020-3869

An issue existed in the handling of the local user's self-view. The issue was corrected with improved logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A remote FaceTime user may be able to cause the local user's camera self-view to display the incorrect camera.

5.3CVSS5.3AI score0.00351EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.69 views

CVE-2020-3844

This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Users removed from an iMessage conversation may still be able to alter state.

3.3CVSS4.2AI score0.00153EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.62 views

CVE-2020-3831

A race condition was addressed with improved locking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges.

7.6CVSS6.8AI score0.00293EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.62 views

CVE-2020-3873

This issue was addressed with improved setting propagation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Turning off "Load remote content in messages” may not apply to all mail previews.

3.3CVSS4.4AI score0.00153EPSS
CVE
CVE
added 2020/02/27 9:15 p.m.57 views

CVE-2020-3858

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges.

9.3CVSS7.4AI score0.00374EPSS