CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-9870
https://notcve.org/view.php?id=CVE-2020-9870
A logic issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. An attacker with memory write capability may be able to bypass pointer authentication codes and run arbitrary code. Se abordó un problema lógico con una comprobación mejorada. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalina versión 10.15.6, tvOS 13.4.8. • https://support.apple.com/HT211288 https://support.apple.com/HT211289 https://support.apple.com/HT211290 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-9884 – Apple macOS AudioToolboxCore CAF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-9884
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalina versión 10.15.6, tvOS versión 13.4.8, watchOS versión 6.2.8. • https://support.apple.com/HT211289 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-9913
https://notcve.org/view.php?id=CVE-2020-9913
This issue was addressed with improved data protection. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to leak sensitive user information. Este problema es abordado con una protección de datos mejorada. Este problema es corregido en macOS Catalina versión 10.15.6. • https://support.apple.com/HT211289 •
CVSS: 8.6EPSS: 0%CPEs: 5EXPL: 0CVE-2020-9865
https://notcve.org/view.php?id=CVE-2020-9865
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to break out of its sandbox. Se abordó un problema de corrupción de la memoria al eliminar el código vulnerable. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalina versión 10.15.6, tvOS versión 13.4.8, watchOS versión 6.2.8. • https://support.apple.com/HT211288 https://support.apple.com/HT211289 https://support.apple.com/HT211290 https://support.apple.com/HT211291 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-9878
https://notcve.org/view.php?id=CVE-2020-9878
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. Se abordó un problema de desbordamiento del búfer con un manejo de la memoria mejorado. Este problema es corregido en iOS versión 13.6 y iPadOS versión 13.6, macOS Catalina versión 10.15.6, tvOS versión 13.4.8, watchOS versión 6.2.8. • https://support.apple.com/HT211288 https://support.apple.com/HT211289 https://support.apple.com/HT211291 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •