Selection:
XSS CSRF Privilege Buffer Remote Stack
CVE ID Name Status References
CVE-2020-9999

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution.

Assigned (20200302)

CONFIRM:https://support.apple.com/kb/HT211843 | CONFIRM:https://support.apple.com/kb/HT211844 | CONFIRM:https://support.apple.com/kb/HT211850 | CONFIRM:https://support.apple.com/kb/HT211935 | FULLDISC:20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 | URL:http://seclists.org/fulldisclosure/2020/Dec/32 | MISC:https://support.apple.com/en-us/HT211931 | URL:https://support.apple.com/en-us/HT211931 | MISC:https://support.apple.com/en-us/HT211952 | URL:https://support.apple.com/en-us/HT211952

CVE-2020-9997

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.6, watchOS 6.2.8. A malicious application may disclose restricted memory.

Assigned (20200302)

MISC:https://support.apple.com/kb/HT211289 | URL:https://support.apple.com/kb/HT211289 | MISC:https://support.apple.com/kb/HT211291 | URL:https://support.apple.com/kb/HT211291

CVE-2020-9996

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A malicious application may be able to elevate privileges.

Assigned (20200302)

FULLDISC:20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 | URL:http://seclists.org/fulldisclosure/2020/Dec/32 | MISC:https://support.apple.com/en-us/HT211850 | URL:https://support.apple.com/en-us/HT211850 | MISC:https://support.apple.com/en-us/HT211931 | URL:https://support.apple.com/en-us/HT211931

CVE-2020-9994

A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. A malicious application may be able to overwrite arbitrary files.

Assigned (20200302)

MISC:https://support.apple.com/kb/HT211168 | URL:https://support.apple.com/kb/HT211168 | MISC:https://support.apple.com/kb/HT211170 | URL:https://support.apple.com/kb/HT211170 | MISC:https://support.apple.com/kb/HT211171 | URL:https://support.apple.com/kb/HT211171 | MISC:https://support.apple.com/kb/HT211175 | URL:https://support.apple.com/kb/HT211175

CVE-2020-9993

The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Visiting a malicious website may lead to address bar spoofing.

Assigned (20200302)

MISC:https://support.apple.com/en-us/HT211844 | URL:https://support.apple.com/en-us/HT211844 | MISC:https://support.apple.com/en-us/HT211845 | URL:https://support.apple.com/en-us/HT211845 | MISC:https://support.apple.com/en-us/HT211850 | URL:https://support.apple.com/en-us/HT211850

CVE-2020-9992

This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able to execute arbitrary code on a paired device during a debug session over the network.

Assigned (20200302)

FULLDISC:20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0 | URL:http://seclists.org/fulldisclosure/2020/Nov/20 | MISC:https://support.apple.com/HT211848 | URL:https://support.apple.com/HT211848 | MISC:https://support.apple.com/HT211850 | URL:https://support.apple.com/HT211850

CVE-2020-9991

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0, iCloud for Windows 7.21, tvOS 14.0. A remote attacker may be able to cause a denial of service.

Assigned (20200302)

CONFIRM:https://support.apple.com/kb/HT211846 | FULLDISC:20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 | URL:http://seclists.org/fulldisclosure/2020/Dec/32 | MISC:https://support.apple.com/en-us/HT211843 | URL:https://support.apple.com/en-us/HT211843 | MISC:https://support.apple.com/en-us/HT211844 | URL:https://support.apple.com/en-us/HT211844 | MISC:https://support.apple.com/en-us/HT211847 | URL:https://support.apple.com/en-us/HT211847 | MISC:https://support.apple.com/en-us/HT211850 | URL:https://support.apple.com/en-us/HT211850 | MISC:https://support.apple.com/en-us/HT211931 | URL:https://support.apple.com/en-us/HT211931

CVE-2020-9990

A race condition was addressed with additional validation. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges.

Assigned (20200302)

MISC:https://support.apple.com/kb/HT211289 | URL:https://support.apple.com/kb/HT211289

CVE-2020-9989

The issue was addressed with improved deletion. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, iOS 14.0 and iPadOS 14.0. A local user may be able to discover a user’s deleted messages.

Assigned (20200302)

FULLDISC:20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 | URL:http://seclists.org/fulldisclosure/2020/Dec/32 | MISC:https://support.apple.com/en-us/HT211844 | URL:https://support.apple.com/en-us/HT211844 | MISC:https://support.apple.com/en-us/HT211850 | URL:https://support.apple.com/en-us/HT211850 | MISC:https://support.apple.com/en-us/HT211931 | URL:https://support.apple.com/en-us/HT211931

CVE-2020-9988

The issue was addressed with improved deletion. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A local user may be able to discover a user’s deleted messages.

Assigned (20200302)

FULLDISC:20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 | URL:http://seclists.org/fulldisclosure/2020/Dec/32 | MISC:https://support.apple.com/en-us/HT211850 | URL:https://support.apple.com/en-us/HT211850 | MISC:https://support.apple.com/en-us/HT211931 | URL:https://support.apple.com/en-us/HT211931


Page created:

CVE year by year statistics.

CVE year statistics by common vulnerability domain.

Latest data from: 2021-01-11