Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mac_os_x
(Apple)| Repositories |
• https://github.com/madler/zlib
• https://github.com/apache/httpd • https://github.com/file/file • https://github.com/Perl/perl5 • https://github.com/openssh/openssh-portable |
| #Vulnerabilities | 3208 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-04-01 | CVE-2020-9776 | This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to access a user's call history. | Mac_os_x | 3.3 | ||
| 2020-04-01 | CVE-2020-9785 | Multiple memory corruption issues were addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privileges. | Ipados, Iphone_os, Mac_os_x, Tvos, Watchos | 7.8 | ||
| 2020-04-01 | CVE-2020-3847 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to leak memory. | Mac_os_x | 9.8 | ||
| 2020-04-01 | CVE-2020-3848 | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | Mac_os_x | 9.8 | ||
| 2020-04-01 | CVE-2020-3849 | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | Mac_os_x | 9.8 | ||
| 2020-04-01 | CVE-2020-3850 | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | Mac_os_x | 9.8 | ||
| 2020-05-08 | CVE-2020-6616 | Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8 devices with the BCM4361 chipset. The Samsung ID is SVE-2020-16882 (May 2020). | Ipados, Iphone_os, Mac_os_x, Android | 6.5 | ||
| 2020-06-09 | CVE-2020-3882 | This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. Importing a maliciously crafted calendar invitation may exfiltrate user information. | Mac_os_x | 6.5 | ||
| 2020-06-09 | CVE-2020-9792 | A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A USB device may be able to cause a denial of service. | Ipados, Iphone_os, Mac_os_x | 4.6 | ||
| 2020-06-09 | CVE-2020-9788 | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.5. A file may be incorrectly rendered to execute JavaScript. | Mac_os_x | 7.8 |