|
1521
|
8.6
6.8
|
HIGH
Local
|
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application m…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-9865
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.6
|
2024-11-21 14:41
2020-10-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1522
|
7.8
6.8
|
HIGH
Local
|
A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes…
|
CWE-77 CWE-116
Command Injection Improper Encoding or Escaping of Output
|
CVE-2020-9862
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.6
|
2024-11-21 14:41
2020-10-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1523
|
5.5
2.1
|
MEDIUM
Local
|
An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may…
|
NVD-CWE-noinfo
|
CVE-2020-9934
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.6
|
2025-02-28 23:44
2020-10-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1524
|
7.8
9.3
|
HIGH
Local
|
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-9907
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.6
|
2025-02-28 23:44
2020-10-17
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1525
|
6.5
4.3
|
MEDIUM
Network
|
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.
|
CWE-200
Information Exposure
|
CVE-2020-6514
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.6
|
2024-11-21 14:35
2020-07-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1526
|
5.5
2.1
|
MEDIUM
Local
|
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15358
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
14.0
|
2024-11-21 14:05
2020-06-27
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1527
|
7.8
9.3
|
HIGH
Local
|
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may b…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-9852
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.5
|
2024-11-21 14:41
2020-06-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1528
|
9.8
7.5
|
CRITICAL
Network
|
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2…
|
NVD-CWE-Other
|
CVE-2020-9850
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.5
|
2024-11-21 14:41
2020-06-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1529
|
2.4
2.1
|
LOW
Physics
|
An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5. A person with physical access to an iOS device may be able to view notification c…
|
NVD-CWE-noinfo
|
CVE-2020-9848
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.5
|
2024-11-21 14:41
2020-06-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1530
|
7.5
7.8
|
HIGH
Network
|
A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system te…
|
CWE-415
Double Free
|
CVE-2020-9844
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.5
|
2024-11-21 14:41
2020-06-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|