Page 3 of 171 results (0.009 seconds)

CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0

CVE-2020-27918 – webkitgtk: Use-after-free leading to arbitrary code execution

https://notcve.org/view.php?id=CVE-2020-27918

09 Nov 2020 — A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de uso de la memoria previamente liberada, con una administración de la memoria mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1, watchOS versión 7.1, iOS... • http://seclists.org/fulldisclosure/2020/Dec/32 • CWE-416: Use After Free •

CVSS: 9.3EPSS: 2%CPEs: 10EXPL: 1

CVE-2020-27932 – Apple Multiple Products Type Confusion Vulnerability

https://notcve.org/view.php?id=CVE-2020-27932

09 Nov 2020 — A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de confusión de tipos con un manejo de estado mejorado. Este... • https://packetstorm.news/files/id/161295 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 5.5EPSS: 0%CPEs: 24EXPL: 0

CVE-2020-10002 – Apple Security Advisory 2020-12-14-3

https://notcve.org/view.php?id=CVE-2020-10002

09 Nov 2020 — A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A local user may be able to read arbitrary files. Se abordó un problema lógico con una administración de estado mejorada. Este problema se corrigió en macOS Big Sur versión 11.0.1, watchOS versión 7.1, iOS versión 14.2 y iPadOS versión 14.2, iCloud para Windows 11.5, tvOS versión 14.2, iTunes 12.11 p... • http://seclists.org/fulldisclosure/2020/Dec/26 •

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0

CVE-2019-8834

https://notcve.org/view.php?id=CVE-2019-8834

27 Oct 2020 — A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list. Se abordó un problema de confi... • https://support.apple.com/en-us/HT210785 •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

CVE-2019-8827

https://notcve.org/view.php?id=CVE-2019-8827

27 Oct 2020 — The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. Visiting a maliciously crafted website may reveal the sites a user has visited. El encabezado referrer HTTP puede ser usado para filtrar el historial de navegación. • https://support.apple.com/en-us/HT210721 •

CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2019-8762

https://notcve.org/view.php?id=CVE-2019-8762

27 Oct 2020 — A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting. Se abordó un problema de comprobación con una lógica mejorada. Este problema se corrigió en Safari versión 13.0.1, iOS versión 13.1 y iPadOS versión 13.1, iCloud para Windows versión 10.7, tvOS versión 13, iCloud pa... • https://support.apple.com/en-us/HT210603 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-9984

https://notcve.org/view.php?id=CVE-2020-9984

22 Oct 2020 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalina versión 10.15.6, t... • https://support.apple.com/kb/HT211288 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-9937

https://notcve.org/view.php?id=CVE-2020-9937

22 Oct 2020 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema se corrigió en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalina... • https://support.apple.com/kb/HT211288 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-9938

https://notcve.org/view.php?id=CVE-2020-9938

22 Oct 2020 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalina versión 10.15.6, t... • https://support.apple.com/kb/HT211288 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-9879

https://notcve.org/view.php?id=CVE-2020-9879

22 Oct 2020 — An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalin... • https://support.apple.com/kb/HT211288 • CWE-787: Out-of-bounds Write •