Skip to main content
CVE-2020-3867 MEDIUM PATCH This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Apple Icloud Itunes +6
NVD
CVSS 3.1
6.1
EPSS
1.4%
CVE-2020-3875 MEDIUM This Month

A validation issue was addressed with improved input sanitization. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +3
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2020-3872 MEDIUM This Month

A memory initialization issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2020-3866 MEDIUM This Month

This was addressed with additional checks by Gatekeeper on files mounted through a network share. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2020-3839 MEDIUM This Month

A validation issue was addressed with improved input sanitization. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-3836 MEDIUM This Month

An access issue was addressed with improved memory management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-3874 MEDIUM This Month

An issued existed in the naming of screenshots. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2020-3869 MEDIUM This Month

An issue existed in the handling of the local user's self-view. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2020-5401 MEDIUM This Month

Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Routing Release
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2020-7042 MEDIUM PATCH This Month

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

OpenSSL Information Disclosure Openfortivpn Fedora Backports Sle +1
NVD GitHub
CVSS 3.1
5.3
EPSS
1.5%
CVE-2020-7041 MEDIUM PATCH This Month

An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

OpenSSL Information Disclosure Openfortivpn Fedora Backports Sle +1
NVD GitHub
CVSS 3.1
5.3
EPSS
1.7%
CVE-2020-3835 MEDIUM This Month

A validation issue existed in the handling of symlinks. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2020-3833 MEDIUM This Month

An inconsistent user interface issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Safari
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-3873 LOW Monitor

This issue was addressed with improved setting propagation. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2020-3844 LOW Monitor

This issue was addressed with improved checks. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2020-3830 LOW Monitor

A validation issue existed in the handling of symlinks. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2020-3859 LOW Monitor

An inconsistent user interface issue was addressed with improved state management. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
2.4
EPSS
0.3%
CVE-2020-3828 LOW Monitor

A lock screen issue allowed access to contacts on a locked device. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
2.4
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy