CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-9907 – Apple Multiple Products Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2020-9907
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de la memoria al eliminar el código vulnerable. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, tvOS versión 13.4.8. • https://support.apple.com/HT211288 https://support.apple.com/HT211290 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-9911
https://notcve.org/view.php?id=CVE-2020-9911
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy. Se abordó un problema lógico con una restricciones mejoradas. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, Safari versión 13.1.2. • https://support.apple.com/HT211288 https://support.apple.com/HT211292 •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-9923
https://notcve.org/view.php?id=CVE-2020-9923
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, watchOS 6.2.8. A malicious application may be able to execute arbitrary code with system privileges. Se abordó un problema de corrupción de la memoria con un manejo de la memoria mejorado. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, watchOS 6.2.8. • https://support.apple.com/HT211288 https://support.apple.com/HT211291 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-9914
https://notcve.org/view.php?id=CVE-2020-9914
An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An attacker in a privileged network position may be able to perform denial of service attack using malformed Bluetooth packets. Se presentó un problema de comprobación de entrada en Bluetooth. • https://support.apple.com/HT211288 https://support.apple.com/HT211290 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-9903
https://notcve.org/view.php?id=CVE-2020-9903
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. A malicious attacker may cause Safari to suggest a password for the wrong domain. Se abordó un problema lógico con una restricciones mejoradas. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, Safari versión 13.1.2. • https://support.apple.com/HT211288 https://support.apple.com/HT211292 • CWE-346: Origin Validation Error •