Iphone_os - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Iphone_os
(Apple)

Repositories	• https://github.com/madler/zlib • https://github.com/file/file • https://github.com/WebKit/webkit • https://github.com/vadz/libtiff
#Vulnerabilities	3324

Date	Id	Summary	Products	Score	Patch	Annotated
2020-10-22	CVE-2020-9938	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos	7.8
2020-10-22	CVE-2020-9940	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.	Ipados, Iphone_os, Mac_os_x, Tvos	7.8
2020-10-22	CVE-2020-9980	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted font file may lead to arbitrary code execution.	Ipados, Iphone_os, Mac_os_x, Tvos, Watchos	7.8
2020-10-22	CVE-2020-9984	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.	Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos	7.8
2021-04-02	CVE-2020-27931	A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0. Processing a maliciously crafted font file may lead to arbitrary code execution.	Ipados, Iphone_os, Mac_os_x, Tvos, Watchos	7.8
2020-10-27	CVE-2020-9961	An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.	Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos	7.8
2020-12-08	CVE-2020-10002	A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A local user may be able to read arbitrary files.	Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos	5.5
2020-12-08	CVE-2020-10003	An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges.	Ipados, Iphone_os, Mac_os_x, Tvos, Watchos	7.8
2020-12-08	CVE-2020-10004	A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.	Ipados, Iphone_os, Mac_os_x, Tvos	7.8
2020-12-08	CVE-2020-9966	An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges.	Ipados, Iphone_os, Mac_os_x, Tvos, Watchos	7.8