Filtered by vendor Apple Subscriptions
Filtered by product Itunes Subscriptions
Total 922 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-3862 3 Apple, Opensuse, Redhat 8 Icloud, Ipados, Iphone Os and 5 more 2024-11-21 6.5 Medium
A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service.
CVE-2020-3861 1 Apple 1 Itunes 2024-11-21 7.1 High
The issue was addressed with improved permissions logic. This issue is fixed in iTunes for Windows 12.10.4. A user may gain access to protected parts of the file system.
CVE-2020-3846 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-11-21 8.8 High
A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.
CVE-2020-3826 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-11-21 7.8 High
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2020-3825 1 Apple 6 Icloud, Ipados, Iphone Os and 3 more 2024-11-21 8.8 High
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-36521 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-11-21 7.1 High
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents.
CVE-2020-27932 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-11-21 7.8 High
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to execute arbitrary code with kernel privileges.
CVE-2020-27918 5 Apple, Debian, Fedoraproject and 2 more 12 Icloud, Ipados, Iphone Os and 9 more 2024-11-21 7.8 High
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-27917 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-11-21 7.8 High
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web content may lead to code execution.
CVE-2020-27912 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-11-21 7.8 High
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2020-27911 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2024-11-21 7.8 High
An integer overflow was addressed through improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
CVE-2020-27895 1 Apple 1 Itunes 2024-11-21 3.3 Low
An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs.
CVE-2020-13631 9 Apple, Brocade, Canonical and 6 more 20 Icloud, Ipados, Iphone Os and 17 more 2024-11-21 5.5 Medium
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
CVE-2020-13630 10 Apple, Brocade, Canonical and 7 more 21 Icloud, Ipados, Iphone Os and 18 more 2024-11-21 7.0 High
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
CVE-2020-13434 8 Apple, Canonical, Debian and 5 more 16 Icloud, Ipados, Iphone Os and 13 more 2024-11-21 5.5 Medium
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
CVE-2020-11765 6 Apple, Canonical, Debian and 3 more 12 Icloud, Ipados, Iphone Os and 9 more 2024-11-21 5.5 Medium
An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read.
CVE-2020-11764 7 Apple, Canonical, Debian and 4 more 13 Icloud, Ipados, Iphone Os and 10 more 2024-11-21 5.5 Medium
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp.
CVE-2020-11763 7 Apple, Canonical, Debian and 4 more 13 Icloud, Ipados, Iphone Os and 10 more 2024-11-21 5.5 Medium
An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.
CVE-2020-11762 6 Apple, Canonical, Debian and 3 more 12 Icloud, Ipados, Iphone Os and 9 more 2024-11-21 5.5 Medium
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.
CVE-2020-11761 6 Apple, Canonical, Debian and 3 more 12 Icloud, Ipados, Iphone Os and 9 more 2024-11-21 5.5 Medium
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.