Export limit exceeded: 335288 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (5617 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-9788 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.8 High |
| A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.5. A file may be incorrectly rendered to execute JavaScript. | ||||
| CVE-2020-9787 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2024-11-21 | 5.3 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. Some websites may not have appeared in Safari Preferences. | ||||
| CVE-2020-9786 | 1 Apple | 1 Mac Os X | 2024-11-21 | 3.3 Low |
| This issue was addressed with improved checks This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. An application may be able to trigger a sysdiagnose. | ||||
| CVE-2020-9785 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-11-21 | 7.8 High |
| Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2020-9782 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.5 High |
| A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files. | ||||
| CVE-2020-9779 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.1 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory. | ||||
| CVE-2020-9776 | 1 Apple | 1 Mac Os X | 2024-11-21 | 3.3 Low |
| This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to access a user's call history. | ||||
| CVE-2020-9775 | 1 Apple | 3 Ipados, Iphone Os, Mac Os X | 2024-11-21 | 5.3 Medium |
| An issue existed in the handling of tabs displaying picture in picture video. The issue was corrected with improved state handling. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user's private browsing activity may be unexpectedly saved in Screen Time. | ||||
| CVE-2020-9774 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.5 High |
| An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting access to encrypted data. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Encrypted data may be inappropriately accessed. | ||||
| CVE-2020-9772 | 1 Apple | 5 Ipad Os, Iphone Os, Mac Os X and 2 more | 2024-11-21 | 5.5 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A sandboxed process may be able to circumvent sandbox restrictions. | ||||
| CVE-2020-9771 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.1 High |
| This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A user may gain access to protected parts of the file system. | ||||
| CVE-2020-9769 | 1 Apple | 1 Mac Os X | 2024-11-21 | 9.8 Critical |
| Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalina 10.15.4. Multiple issues in Vim. | ||||
| CVE-2020-8286 | 9 Apple, Debian, Fedoraproject and 6 more | 22 Mac Os X, Macos, Debian Linux and 19 more | 2024-11-21 | 7.5 High |
| curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. | ||||
| CVE-2020-8285 | 10 Apple, Debian, Fedoraproject and 7 more | 32 Mac Os X, Macos, Debian Linux and 29 more | 2024-11-21 | 7.5 High |
| curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. | ||||
| CVE-2020-8284 | 10 Apple, Debian, Fedoraproject and 7 more | 31 Mac Os X, Macos, Debian Linux and 28 more | 2024-11-21 | 3.7 Low |
| A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. | ||||
| CVE-2020-8037 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Mac Os X, Macos, Debian Linux and 3 more | 2024-11-21 | 7.5 High |
| The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. | ||||
| CVE-2020-6616 | 3 Apple, Google, Samsung | 7 Ipados, Iphone Os, Mac Os X and 4 more | 2024-11-21 | 6.5 Medium |
| Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8 devices with the BCM4361 chipset. The Samsung ID is SVE-2020-16882 (May 2020). | ||||
| CVE-2020-6574 | 6 Apple, Debian, Fedoraproject and 3 more | 7 Mac Os X, Debian Linux, Fedora and 4 more | 2024-11-21 | 7.8 High |
| Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary. | ||||
| CVE-2020-6477 | 4 Apple, Fedoraproject, Google and 1 more | 5 Mac Os X, Fedora, Chrome and 2 more | 2024-11-21 | 7.8 High |
| Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file. | ||||
| CVE-2020-3995 | 2 Apple, Vmware | 5 Mac Os X, Cloud Foundation, Esxi and 2 more | 2024-11-21 | 5.3 Medium |
| In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigger a memory leak issue resulting in memory resource exhaustion on the hypervisor if the attack is sustained for extended periods of time. | ||||