Apple Ipad Os vulnerabilities
89 known vulnerabilities affecting apple/ipad_os.
Total CVEs
89
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH38MEDIUM37LOW10
Vulnerabilities
Page 4 of 5
CVE-2020-27943HIGHCVSS 7.8fixed in 14.32021-04-02
CVE-2020-27943 [HIGH] CWE-787 CVE-2020-27943: A memory corruption issue existed in the processing of font files. This issue was addressed with imp
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in tvOS 14.3, iOS 14.3 and iPadOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.2. Processing a maliciously crafted font file may lead to arbitrary cod
nvd
CVE-2020-27944HIGHCVSS 7.8fixed in 14.32021-04-02
CVE-2020-27944 [HIGH] CWE-787 CVE-2020-27944: A memory corruption issue existed in the processing of font files. This issue was addressed with imp
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary cod
nvd
CVE-2021-1797MEDIUMCVSS 5.5fixed in 14.42021-04-02
CVE-2021-1797 [MEDIUM] CVE-2021-1797: The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2,
The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to read arbitrary files.
nvd
CVE-2021-1799MEDIUMCVSS 6.5fixed in 14.42021-04-02
CVE-2021-1799 [MEDIUM] CVE-2021-1799: A port redirection issue was addressed with additional port validation. This issue is fixed in macOS
A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on arbitrary servers.
nvd
CVE-2021-1801MEDIUMCVSS 6.5fixed in 14.42021-04-02
CVE-2021-1801 [MEDIUM] CVE-2021-1801: This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy.
nvd
CVE-2020-9972HIGHCVSS 7.8fixed in 14.32020-12-08
CVE-2020-9972 [HIGH] CWE-120 CVE-2020-9972: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 14.0
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
nvd
CVE-2019-8751HIGHCVSS 8.8fixed in 13.12020-10-27
CVE-2019-8751 [HIGH] CWE-787 CVE-2019-8751: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8752HIGHCVSS 8.8fixed in 13.12020-10-27
CVE-2019-8752 [HIGH] CWE-787 CVE-2019-8752: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8740HIGHCVSS 7.8fixed in 13.12020-10-27
CVE-2019-8740 [HIGH] CWE-787 CVE-2019-8740: A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.
nvd
CVE-2019-8773HIGHCVSS 8.8fixed in 13.12020-10-27
CVE-2019-8773 [HIGH] CWE-787 CVE-2019-8773: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2019-8706HIGHCVSS 7.8fixed in 13.12020-10-27
CVE-2019-8706 [HIGH] CWE-787 CVE-2019-8706: A memory corruption issue was addressed with improved state management. This issue is fixed in macOS
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may lead to arbitrary code execution.
nvd
CVE-2019-8774MEDIUMCVSS 5.5fixed in 13.12020-10-27
CVE-2019-8774 [MEDIUM] CWE-20 CVE-2019-8774: A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service.
nvd
CVE-2019-8762MEDIUMCVSS 6.1fixed in 13.12020-10-27
CVE-2019-8762 [MEDIUM] CWE-79 CVE-2019-8762: A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1
A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting.
nvd
CVE-2020-3918MEDIUMCVSS 5.5fixed in 13.42020-10-22
CVE-2020-3918 [MEDIUM] CVE-2020-3918: An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.4
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A local user may be able to view sensitive user information.
nvd
CVE-2020-9787MEDIUMCVSS 5.3fixed in 13.42020-10-22
CVE-2020-9787 [MEDIUM] CVE-2020-9787: A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 1
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. Some websites may not have appeared in Safari Preferences.
nvd
CVE-2020-9772MEDIUMCVSS 5.5fixed in 13.42020-10-22
CVE-2020-9772 [MEDIUM] CVE-2020-9772: A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 1
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A sandboxed process may be able to circumvent sandbox restrictions.
nvd
CVE-2020-3901HIGHCVSS 8.8fixed in 13.42020-04-01
CVE-2020-3901 [HIGH] CWE-843 CVE-2020-3901: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2020-3899HIGHCVSS 8.8fixed in 13.42020-04-01
CVE-2020-3899 [HIGH] CVE-2020-3899: A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 1
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.
nvd
CVE-2020-3897HIGHCVSS 8.8fixed in 13.42020-04-01
CVE-2020-3897 [HIGH] CWE-843 CVE-2020-3897: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.
nvd
CVE-2020-3900HIGHCVSS 8.8fixed in 13.42020-04-01
CVE-2020-3900 [HIGH] CWE-787 CVE-2020-3900: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd