CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-9870
https://notcve.org/view.php?id=CVE-2020-9870
17 Jul 2020 — A logic issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. An attacker with memory write capability may be able to bypass pointer authentication codes and run arbitrary code. Se abordó un problema lógico con una comprobación mejorada. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalina versión 10.15.6, tvOS 13.4.8. • https://support.apple.com/HT211288 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9799
https://notcve.org/view.php?id=CVE-2020-9799
17 Jul 2020 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en macOS Catalina versión 10.15.6. • https://support.apple.com/HT211289 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9866
https://notcve.org/view.php?id=CVE-2020-9866
17 Jul 2020 — A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A buffer overflow may result in arbitrary code execution. Se abordó un desbordamiento de búfer con una comprobación de límites mejorada. Este problema se corrigió en macOS Catalina versión 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. • https://support.apple.com/en-us/HT211289 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9913
https://notcve.org/view.php?id=CVE-2020-9913
17 Jul 2020 — This issue was addressed with improved data protection. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to leak sensitive user information. Este problema es abordado con una protección de datos mejorada. Este problema es corregido en macOS Catalina versión 10.15.6. • https://support.apple.com/HT211289 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9864
https://notcve.org/view.php?id=CVE-2020-9864
17 Jul 2020 — A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema lógico con una restricciones mejoradas. Este problema es corregido en macOS Catalina versión 10.15.6. • https://support.apple.com/HT211289 •
CVSS: 8.6EPSS: 0%CPEs: 5EXPL: 0CVE-2020-9865
https://notcve.org/view.php?id=CVE-2020-9865
17 Jul 2020 — A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to break out of its sandbox. Se abordó un problema de corrupción de la memoria al eliminar el código vulnerable. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalina versión 10.15.6, tvOS versión 13.4.8, watchOS versión 6.2.8. • https://support.apple.com/HT211288 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-9885
https://notcve.org/view.php?id=CVE-2020-9885
17 Jul 2020 — An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group could rejoin the group. Se presentó un problema en el manejo de tapbacks de iMessage. • https://support.apple.com/HT211288 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-9891
https://notcve.org/view.php?id=CVE-2020-9891
17 Jul 2020 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalina versión 10.15.6, tvOS versión 13.4.8, watchOS versión 6.2.8. • https://support.apple.com/HT211288 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-9934 – Apple iOS, iPadOS, and macOS Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2020-9934
17 Jul 2020 — An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information. Se presentó un problema en el manejo de variables de entorno. • https://github.com/mattshockl/CVE-2020-9934 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-9890
https://notcve.org/view.php?id=CVE-2020-9890
17 Jul 2020 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalina versión 10.15.6, tvOS versión 13.4.8, watchOS versión 6.2.8. • https://support.apple.com/HT211288 • CWE-125: Out-of-bounds Read •