Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ipados
(Apple)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1520 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-04-14 | CVE-2020-11760 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp. | Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Fedora, Openexr, Leap | 5.5 | ||
| 2020-04-14 | CVE-2020-11761 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp. | Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Fedora, Openexr | 5.5 | ||
| 2020-04-14 | CVE-2020-11762 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. | Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Fedora, Openexr, Leap | 5.5 | ||
| 2020-04-14 | CVE-2020-11763 | An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp. | Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Fedora, Openexr, Leap | 5.5 | ||
| 2020-04-14 | CVE-2020-11764 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp. | Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Fedora, Openexr, Leap | 5.5 | ||
| 2020-04-14 | CVE-2020-11765 | An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read. | Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Fedora, Openexr, Leap | 5.5 | ||
| 2019-12-11 | CVE-2019-14899 | A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel. | Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Freebsd, Linux_kernel, Openbsd | 7.4 | ||
| 2020-12-08 | CVE-2020-10002 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A local user may be able to read arbitrary files. | Icloud, Ipados, Iphone_os, Itunes, Mac_os_x, Tvos, Watchos | 5.5 | ||
| 2020-12-08 | CVE-2020-10003 | An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges. | Ipados, Iphone_os, Mac_os_x, Tvos, Watchos | 7.8 | ||
| 2020-12-08 | CVE-2020-10004 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. | Ipados, Iphone_os, Mac_os_x, Tvos | 7.8 |