CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3839 – Apple macOS IO80211Family Stack-based Buffer Overflow Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-3839
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.3. An application may be able to read restricted memory. Se abordó un problema de comprobación con un saneamiento de entrada mejorado. Este problema es corregido en macOS Catalina versión 10.15.3. • https://support.apple.com/HT210919 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3871
https://notcve.org/view.php?id=CVE-2020-3871
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con un manejo de memoria mejorado. Este problema es corregido en macOS Catalina versión 10.15.3. • https://support.apple.com/HT210919 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-3855
https://notcve.org/view.php?id=CVE-2020-3855
An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. A malicious application may be able to overwrite arbitrary files. Se abordó un problema de acceso con restricciones de acceso mejoradas. Este problema se corrigió en macOS Catalina versión 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. • https://support.apple.com/en-us/HT210919 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-3840
https://notcve.org/view.php?id=CVE-2020-3840
An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1. Loading a maliciously crafted racoon configuration file may lead to arbitrary code execution. Se presentó un problema por un paso en el manejo de los archivos de configuración racoon. • https://support.apple.com/HT210918 https://support.apple.com/HT210919 https://support.apple.com/HT210920 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error •
CVSS: 9.3EPSS: 0%CPEs: 20EXPL: 0CVE-2020-3838
https://notcve.org/view.php?id=CVE-2020-3838
The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges. El problema se abordó con una lógica de permisos mejorada. Este problema es corregido en iOS versión 13.3.1 y iPadOS versión 13.3.1, macOS Catalina versión 10.15.3, tvOS versión 13.3.1, watchOS versión 6.1.2. • http://seclists.org/fulldisclosure/2021/Apr/51 https://support.apple.com/HT210918 https://support.apple.com/HT210919 https://support.apple.com/HT210920 https://support.apple.com/HT210921 https://support.apple.com/kb/HT212326 https://support.apple.com/kb/HT212327 • CWE-276: Incorrect Default Permissions •