|
197671
|
6.5 |
MEDIUM
Network
|
apple
|
iphone_os
ipados
safari
|
The issue was addressed with improved UI handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, Safari 13.0.5. A local user may unknowingly send a password unencrypted over the network.
|
CWE-319
CWE-522
Cleartext Transmission of Sensitive Information
Insufficiently Protected Credentials
|
CVE-2020-3841
|
2024-11-21 14:31 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197672
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
ipados
tvos
mac_os_x
|
An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catali…
|
CWE-119
CWE-193
Incorrect Access of Indexable Resource ('Range Error')
Off-by-one Error
|
CVE-2020-3840
|
2024-11-21 14:31 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197673
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
|
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.3. An application may be able to read restricted memory.
|
CWE-20
Improper Input Validation
|
CVE-2020-3839
|
2024-11-21 14:31 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197674
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
iphone_os
ipados
tvos
watchos
|
The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-3838
|
2024-11-21 14:31 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197675
|
5.5 |
MEDIUM
Local
|
apple
|
iphone_os
ipados
tvos
watchos
mac_os_x
|
An access issue was addressed with improved memory management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be …
|
NVD-CWE-noinfo
|
CVE-2020-3836
|
2024-11-21 14:31 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197676
|
4.4 |
MEDIUM
Local
|
apple
|
mac_os_x
|
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be ab…
|
CWE-59
Link Following
|
CVE-2020-3835
|
2024-11-21 14:31 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197677
|
7.8 |
HIGH
Local
|
apple
|
watchos
|
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-3834
|
2024-11-21 14:31 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197678
|
4.3 |
MEDIUM
Network
|
apple
|
safari
|
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.5. Visiting a malicious website may lead to address bar spoofing.
|
NVD-CWE-Other
|
CVE-2020-3833
|
2024-11-21 14:31 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197679
|
7.0 |
HIGH
Local
|
apple
|
iphone_os
ipados
|
A race condition was addressed with improved locking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges.
|
CWE-362
Race Condition
|
CVE-2020-3831
|
2024-11-21 14:31 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197680
|
3.3 |
LOW
Local
|
apple
|
mac_os_x
|
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be ab…
|
CWE-59
Link Following
|
CVE-2020-3830
|
2024-11-21 14:31 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
