Apple Ios 13.6 And Ipados vulnerabilities

CVE-2020-9900 [HIGH] CVE-2020-9900: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9900 Component: Crash Reporter Impact: A local attacker may be able to elevate their privileges Description: An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization.

CVE-2020-9911 [HIGH] CVE-2020-9911: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9911 Component: Safari Reader Impact: An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy Description: A logic issue was addressed with improved restrictions.

CVE-2020-9931 [HIGH] CVE-2020-9931: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9931 Component: Bluetooth Impact: A remote attacker may cause an unexpected application termination Description: A denial of service issue was addressed with improved input validation.

CVE-2020-9876 [HIGH] CVE-2020-9876: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9876 Component: ImageIO Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2020-9901 [HIGH] CVE-2020-9901: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9901 Component: Security Impact: An attacker may have been able to impersonate a trusted website using shared key material for an administrator added certificate Description: A certificate validation issue existed when processing administrator added certificates. This issue was addressed with improved c

CVE-2020-9863 [HIGH] CVE-2020-9863: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9863 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory initialization issue was addressed with improved memory handling.

CVE-2020-27933 [HIGH] CVE-2020-27933: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-27933 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2020-9904 [HIGH] CVE-2020-9904: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9904 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management.

CVE-2020-9923 [HIGH] CVE-2020-9923: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9923 Component: Kernel Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2020-9938 [HIGH] CVE-2020-9938: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9938 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation.

CVE-2019-14899 [HIGH] CVE-2019-14899: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2019-14899 Component: Kernel Impact: An attacker in a privileged network position may be able to inject into active connections within a VPN tunnel Description: A routing issue was addressed with improved restrictions.

CVE-2020-9926 [HIGH] CVE-2020-9926: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9926 Component: Kernel Impact: A remote attacker may be able to cause a denial of service Description: A buffer overflow was addressed with improved bounds checking.

CVE-2020-9890 [HIGH] CVE-2020-9890: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9890 Component: Audio Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2020-11762 [MEDIUM] CVE-2020-11762: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-11762 Component: ImageIO Impact: Multiple buffer overflow issues existed in openEXR Description: Multiple issues in openEXR were addressed with improved checks.

CVE-2020-9894 [MEDIUM] CVE-2020-9894: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9894 Component: WebKit Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation.

CVE-2020-9885 [MEDIUM] CVE-2020-9885: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9885 Component: Messages Impact: A user that is removed from an iMessage group could rejoin the group Description: An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification.

CVE-2020-9916 [MEDIUM] CVE-2020-9916: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9916 Component: WebKit Page Loading Impact: A malicious attacker may be able to conceal the destination of a URL Description: A URL Unicode encoding issue was addressed with improved state management.

CVE-2020-9915 [MEDIUM] CVE-2020-9915: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9915 Component: WebKit Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced Description: An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions.

CVE-2020-11760 [MEDIUM] CVE-2020-11760: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-11760 Component: ImageIO Impact: Multiple buffer overflow issues existed in openEXR Description: Multiple issues in openEXR were addressed with improved checks.

CVE-2020-9925 [MEDIUM] CVE-2020-9925: iOS 13.6 and iPadOS 13.6 Apple Security Update: About the security content of iOS 13.6 and iPadOS 13.6 Product: iOS 13.6 and iPadOS Version: 13.6 CVE: CVE-2020-9925 Component: WebKit Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management.