CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2501 CVE-2020-10039 311 +Priv 2020-07-14 2020-07-15
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker in a privileged network position between a legitimate user and the web server might be able to conduct a Man-in-the-middle attack and gain read and write access to the transmitted data.
2502 CVE-2020-10030 125 DoS Exec Code 2020-05-19 2020-06-14
6.5
None Remote Low ??? Partial Partial Partial
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system's hostname) to cause disclosure of uninitialized memory content via a stack-based out-of-bounds read. It only occurs on systems where gethostname() does not have '\0' termination of the returned string if the hostname is larger than the supplied buffer. (Linux systems are not affected because the buffer is always large enough. OpenBSD systems are not affected because the returned hostname always has '\0' termination.) Under some conditions, this issue can lead to the writing of one '\0' byte out-of-bounds on the stack, causing a denial of service or possibly arbitrary code execution.
2503 CVE-2020-10017 787 Exec Code 2020-12-08 2021-03-11
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution.
2504 CVE-2020-10011 125 Exec Code 2020-12-08 2020-12-16
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
2505 CVE-2020-10004 Exec Code 2020-12-08 2021-03-22
6.8
None Remote Medium Not required Partial Partial Partial
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.
2506 CVE-2020-9999 119 Exec Code Overflow Mem. Corr. 2020-12-08 2021-03-11
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution.
2507 CVE-2020-9996 416 2020-12-08 2021-03-11
6.8
None Remote Medium Not required Partial Partial Partial
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A malicious application may be able to elevate privileges.
2508 CVE-2020-9990 367 Exec Code 2020-10-22 2020-10-30
6.9
None Local Medium Not required Complete Complete Complete
A race condition was addressed with additional validation. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges.
2509 CVE-2020-9985 120 Exec Code Overflow 2020-10-22 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
2510 CVE-2020-9984 125 Exec Code 2020-10-22 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
2511 CVE-2020-9983 787 Exec Code 2020-10-16 2020-12-23
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution.
2512 CVE-2020-9980 787 Exec Code 2020-10-22 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted font file may lead to arbitrary code execution.
2513 CVE-2020-9972 120 Exec Code Overflow 2020-12-08 2021-03-22
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
2514 CVE-2020-9971 2021-04-02 2021-04-08
6.8
None Remote Medium Not required Partial Partial Partial
A logic issue was addressed with improved validation. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. A malicious application may be able to elevate privileges.
2515 CVE-2020-9966 125 Exec Code 2020-12-08 2021-03-11
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges.
2516 CVE-2020-9962 120 Exec Code Overflow 2021-04-02 2021-04-08
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted image may lead to arbitrary code execution.
2517 CVE-2020-9961 125 Exec Code 2020-10-27 2020-12-02
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.
2518 CVE-2020-9960 125 Exec Code 2021-04-02 2021-04-08
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted audio file may lead to arbitrary code execution.
2519 CVE-2020-9956 125 Exec Code 2021-04-02 2021-04-08
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted font file may lead to arbitrary code execution.
2520 CVE-2020-9955 787 Exec Code 2021-04-02 2021-04-07
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution.
2521 CVE-2020-9954 120 Exec Code Overflow 2020-12-08 2020-12-09
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 7.0, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Playing a malicious audio file may lead to arbitrary code execution.
2522 CVE-2020-9951 416 Exec Code 2020-10-16 2020-12-23
6.8
None Remote Medium Not required Partial Partial Partial
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
2523 CVE-2020-9950 416 Exec Code 2020-12-08 2020-12-09
6.8
None Remote Medium Not required Partial Partial Partial
A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, tvOS 14.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
2524 CVE-2020-9948 843 Exec Code 2020-10-16 2020-12-23
6.8
None Remote Medium Not required Partial Partial Partial
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
2525 CVE-2020-9947 416 Exec Code 2020-12-08 2021-05-01
6.8
None Remote Medium Not required Partial Partial Partial
A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
2526 CVE-2020-9940 120 Exec Code Overflow 2020-10-22 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
2527 CVE-2020-9938 125 Exec Code 2020-10-22 2020-10-28
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
2528 CVE-2020-9937 787 Exec Code 2020-10-22 2020-10-26
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
2529 CVE-2020-9936 787 Exec Code 2020-10-16 2020-10-20
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
2530 CVE-2020-9932 119 Exec Code Overflow Mem. Corr. 2020-10-27 2020-11-03
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved validation. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, tvOS 13. Processing maliciously crafted web content may lead to arbitrary code execution.
2531 CVE-2020-9930 125 2021-04-02 2021-04-08
6.6
None Local Low Not required Complete None Complete
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A local user may be able to cause unexpected system termination or read kernel memory.
2532 CVE-2020-9929 Mem. Corr. 2020-10-22 2020-10-27
6.6
None Local Low Not required Complete None Complete
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to cause unexpected system termination or read kernel memory.
2533 CVE-2020-9926 416 Exec Code 2021-04-02 2021-04-08
6.8
None Remote Medium Not required Partial Partial Partial
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, iCloud for Windows 7.20, macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.
2534 CVE-2020-9921 367 Exec Code Mem. Corr. 2020-10-22 2020-10-27
6.9
None Local Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with system privileges.
2535 CVE-2020-9920 22 Dir. Trav. 2020-10-22 2020-10-27
6.4
None Remote Low Not required None Partial Partial
A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. A malicious mail server may overwrite arbitrary mail files.
2536 CVE-2020-9919 787 Exec Code Overflow 2020-10-22 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
2537 CVE-2020-9910 287 Bypass 2020-10-16 2020-10-20
6.5
None Remote Low ??? Partial Partial Partial
Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
2538 CVE-2020-9908 125 2020-10-22 2020-10-29
6.6
None Local Low Not required Complete None Complete
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to cause unexpected system termination or read kernel memory.
2539 CVE-2020-9893 416 Exec Code 2020-10-16 2020-10-20
6.8
None Remote Medium Not required Partial Partial Partial
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
2540 CVE-2020-9891 125 Exec Code 2020-10-16 2020-10-19
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.
2541 CVE-2020-9890 125 Exec Code 2020-10-16 2020-10-19
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.
2542 CVE-2020-9889 787 Exec Code 2020-10-16 2020-12-03
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.
2543 CVE-2020-9888 125 Exec Code 2020-10-16 2020-10-19
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.
2544 CVE-2020-9887 119 Exec Code Overflow Mem. Corr. 2020-10-22 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. Viewing a maliciously crafted JPEG file may lead to arbitrary code execution.
2545 CVE-2020-9884 787 Exec Code 2020-10-16 2020-10-20
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted audio file may lead to arbitrary code execution.
2546 CVE-2020-9883 120 Exec Code Overflow 2020-10-22 2020-12-15
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
2547 CVE-2020-9882 120 Exec Code Overflow 2020-10-22 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
2548 CVE-2020-9881 120 Exec Code Overflow 2020-10-22 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
2549 CVE-2020-9880 120 Exec Code Overflow 2020-10-22 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
2550 CVE-2020-9879 787 Exec Code 2020-10-22 2020-10-27
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.
Total number of vulnerabilities : 22306   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 (This Page)52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.