Filtered by vendor Apple
Subscribe
Search
Total
10011 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-9777 | 1 Apple | 2 Ipados, Iphone Os | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue existed in the selection of video file by Mail. The issue was fixed by selecting the latest version of a video. This issue is fixed in iOS 13.4 and iPadOS 13.4. Cropped videos may not be shared properly via Mail. | |||||
| CVE-2019-8711 | 1 Apple | 1 Iphone Os | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A logic issue existed with the display of notification previews. This issue was addressed with improved validation. This issue is fixed in iOS 13. Notification previews may show on Bluetooth accessories even when previews are disabled. | |||||
| CVE-2020-9613 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a security bypass vulnerability. Successful exploitation could lead to security feature bypass. | |||||
| CVE-2019-8725 | 1 Apple | 1 Safari | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The issue was addressed with improved handling of service worker lifetime. This issue is fixed in Safari 13.0.1. Service workers may leak private browsing history. | |||||
| CVE-2019-8739 | 1 Apple | 1 Xcode | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution. | |||||
| CVE-2019-8781 | 1 Apple | 1 Mac Os X | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-8793 | 1 Apple | 2 Ipados, Iphone Os | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| A consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2. A local user may be able to record the screen without a visible screen recording indicator. | |||||
| CVE-2019-8750 | 1 Apple | 2 Icloud, Watchos | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Multiple issues in libxslt. | |||||
| CVE-2020-27905 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2019-8795 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2020-3999 | 2 Apple, Vmware | 4 Mac Os X, Esxi, Fusion and 1 more | 2021-07-21 | 2.1 LOW | 6.5 MEDIUM |
| VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition. | |||||
| CVE-2020-27906 | 1 Apple | 1 Macos | 2021-07-21 | 9.3 HIGH | 8.8 HIGH |
| Multiple integer overflows were addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. A remote attacker may be able to cause unexpected application termination or heap corruption. | |||||
| CVE-2020-9592 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a security bypass vulnerability. Successful exploitation could lead to security feature bypass. | |||||
| CVE-2020-9596 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a security bypass vulnerability. Successful exploitation could lead to security feature bypass. | |||||
| CVE-2020-6553 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Iphone Os, Debian Linux, Fedora and 1 more | 2021-07-21 | 9.3 HIGH | 8.8 HIGH |
| Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-8744 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2021-07-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. A malicious application may be able to determine kernel memory layout. | |||||
| CVE-2019-8740 | 1 Apple | 4 Ipad Os, Iphone Os, Tvos and 1 more | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-6528 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Iphone Os, Debian Linux, Fedora and 3 more | 2021-07-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2019-5812 | 2 Apple, Google | 2 Iphone Os, Chrome | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |||||
| CVE-2020-6403 | 3 Apple, Google, Opensuse | 3 Iphone Os, Chrome, Backports Sle | 2021-07-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2019-8832 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2020-3980 | 2 Apple, Vmware | 2 Mac Os X, Fusion | 2021-07-21 | 3.7 LOW | 6.7 MEDIUM |
| VMware Fusion (11.x) contains a privilege escalation vulnerability due to the way it allows configuring the system wide path. An attacker with normal user privileges may exploit this issue to trick an admin user into executing malicious code on the system where Fusion is installed. | |||||
| CVE-2019-8695 | 1 Apple | 1 Mac Os X | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2020-3913 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, watchOS 6.2. A malicious application may be able to elevate privileges. | |||||
| CVE-2020-3904 | 1 Apple | 1 Mac Os X | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| Multiple memory corruption issues were addressed with improved state management. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-3903 | 1 Apple | 1 Mac Os X | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.4. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2019-8775 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2021-07-21 | 2.1 LOW | 2.4 LOW |
| The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen. | |||||
| CVE-2020-3892 | 1 Apple | 1 Mac Os X | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-3891 | 1 Apple | 3 Ipad Os, Iphone Os, Watchos | 2021-07-21 | 2.1 LOW | 2.4 LOW |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, watchOS 6.2. A person with physical access to a locked iOS device may be able to respond to messages even when replies are disabled. | |||||
| CVE-2019-8734 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2020-3884 | 1 Apple | 1 Mac Os X | 2021-07-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An injection issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to cause arbitrary javascript code execution. | |||||
| CVE-2019-8848 | 1 Apple | 8 Icloud, Ipados, Iphone Os and 5 more | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An application may be able to gain elevated privileges. | |||||
| CVE-2020-3866 | 1 Apple | 1 Mac Os X | 2021-07-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Catalina 10.15.3. Searching for and opening a file from an attacker controlled NFS mount may bypass Gatekeeper. | |||||
| CVE-2020-3874 | 1 Apple | 2 Ipados, Iphone Os | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issued existed in the naming of screenshots. The issue was corrected with improved naming. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Screenshots of the Messages app may reveal additional message content. | |||||
| CVE-2020-3860 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-3859 | 1 Apple | 2 Ipados, Iphone Os | 2021-07-21 | 2.1 LOW | 2.4 LOW |
| An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen. | |||||
| CVE-2019-8831 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2020-3834 | 1 Apple | 1 Watchos | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-3873 | 1 Apple | 2 Ipados, Iphone Os | 2021-07-21 | 2.1 LOW | 3.3 LOW |
| This issue was addressed with improved setting propagation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Turning off "Load remote content in messages” may not apply to all mail previews. | |||||
| CVE-2019-8833 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-3856 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted string may lead to heap corruption. | |||||
| CVE-2020-3857 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2020-3850 | 1 Apple | 1 Mac Os X | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | |||||
| CVE-2020-3849 | 1 Apple | 1 Mac Os X | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | |||||
| CVE-2020-27903 | 1 Apple | 1 Macos | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.0.1. An application may be able to gain elevated privileges. | |||||
| CVE-2019-8829 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6.1, tvOS 13.2, iOS 13.2 and iPadOS 13.2. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-8855 | 1 Apple | 1 Mac Os X | 2021-07-21 | 4.3 MEDIUM | 6.3 MEDIUM |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to access restricted files. | |||||
| CVE-2020-3837 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-3828 | 1 Apple | 2 Ipados, Iphone Os | 2021-07-21 | 2.1 LOW | 2.4 LOW |
| A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen. | |||||
| CVE-2020-3842 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges. | |||||