Skip to main content

Icloud

342 CVEs product

Monthly

CVE-2022-46698 MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Microsoft Icloud Safari +5
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-46693 HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Microsoft RCE Memory Corruption +6
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-46692 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Authentication Bypass Icloud Safari +5
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-1857 MEDIUM This Month

A memory initialization issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Information Disclosure Icloud Itunes +6
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-1825 MEDIUM This Month

An input validation issue was addressed with improved input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft XSS Icloud Itunes +6
NVD
CVSS 3.1
6.1
EPSS
1.4%
CVE-2021-1811 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Information Disclosure Icloud Itunes +6
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2021-30928 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Memory Corruption Ipados +5
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9991 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Apple Icloud Ipados +4
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-27918 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption Apple RCE +12
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-27932 HIGH KEV THREAT This Week

A type confusion issue was addressed with improved state handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Apple Icloud Itunes +5
NVD
CVSS 3.1
7.8
EPSS
10.3%
CVE-2020-27917 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption Apple RCE +8
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2020-27912 HIGH This Week

An out-of-bounds write was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2020-27911 HIGH This Week

An integer overflow was addressed through improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Microsoft Integer Overflow Icloud +6
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2020-9999 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
8.5%
CVE-2020-9981 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption Apple RCE +8
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9947 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption Apple RCE +8
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2020-9849 MEDIUM This Month

An information disclosure issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Information Disclosure Icloud Itunes +4
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2020-10002 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-9961 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Icloud +6
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2020-3864 HIGH This Week

A logic issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple Icloud Itunes +7
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-9984 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple RCE Information Disclosure +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9938 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple RCE Information Disclosure +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9937 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9919 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9883 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft Apple Icloud +7
NVD
CVSS 3.1
7.8
EPSS
5.7%
CVE-2020-9879 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9877 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple RCE Information Disclosure +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9876 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +8
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2020-9875 HIGH This Week

An integer overflow was addressed through improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Microsoft Integer Overflow Icloud +6
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9874 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9873 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple RCE Information Disclosure +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9872 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9871 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9983 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Icloud +7
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2020-9952 HIGH This Week

An input validation issue was addressed with improved input validation. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple Icloud Safari +5
NVD
CVSS 3.1
7.1
EPSS
1.5%
CVE-2020-9951 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Apple RCE Use After Free +9
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2020-9936 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9925 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2020-9916 MEDIUM This Month

A URL Unicode encoding issue was addressed with improved state management. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2020-9915 MEDIUM This Month

An access issue existed in Content Security Policy. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2020-9910 HIGH This Week

Multiple issues were addressed with improved logic. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Apple Icloud Itunes +5
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2020-9895 CRITICAL Act Now

A use after free issue was addressed with improved memory management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption Apple RCE +8
NVD
CVSS 3.1
9.8
EPSS
4.3%
CVE-2020-9894 MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple RCE Information Disclosure +7
NVD
CVSS 3.1
4.3
EPSS
2.7%
CVE-2020-9893 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption Apple RCE +8
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2020-9862 HIGH This Week

A command injection issue existed in Web Inspector. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Command Injection Apple Icloud Itunes +5
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2020-15358 MEDIUM POC PATCH This Month

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Sqlite Ubuntu Linux Icloud +13
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2020-9850 CRITICAL POC THREAT Emergency

A logic issue was addressed with improved restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Microsoft Apple Icloud Itunes +5
NVD GitHub
CVSS 3.1
9.8
EPSS
77.2%
CVE-2020-9843 HIGH This Week

An input validation issue was addressed with improved input validation. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-9807 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-9806 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2020-9805 HIGH This Week

A logic issue was addressed with improved restrictions. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-9803 HIGH This Week

A memory corruption issue was addressed with improved validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft Apple Icloud +6
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-9802 HIGH This Week

A logic issue was addressed with improved restrictions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
8.8
EPSS
8.2%
CVE-2020-9800 HIGH This Week

A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Memory Corruption Apple Icloud +6
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2020-9794 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Buffer Overflow Apple Information Disclosure +7
NVD
CVSS 3.1
8.1
EPSS
1.6%
CVE-2020-9790 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2020-9789 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2020-13631 MEDIUM PATCH This Month

SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Sqlite Fedora Ubuntu Linux Cloud Backup +14
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2020-13630 HIGH PATCH This Week

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Sqlite Fedora +17
NVD
CVSS 3.1
7.0
EPSS
1.0%
CVE-2020-13434 MEDIUM POC PATCH This Month

SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Sqlite Debian Linux Fedora +12
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2020-11765 MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr Fedora Leap +9
NVD GitHub
CVSS 3.1
5.5
EPSS
1.7%
CVE-2020-11764 MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Openexr Fedora Ubuntu Linux +9
NVD GitHub
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-11763 MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr Fedora Ubuntu Linux +9
NVD GitHub
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-11762 MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr Fedora Ubuntu Linux +9
NVD GitHub
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-11761 MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr Fedora Ubuntu Linux +8
NVD GitHub
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-11760 MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr Fedora Ubuntu Linux +9
NVD GitHub
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-11759 MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Openexr Fedora Ubuntu Linux +8
NVD GitHub
CVSS 3.1
5.5
EPSS
1.7%
CVE-2020-11758 MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr Fedora Ubuntu Linux +9
NVD GitHub
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-9783 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption Apple RCE +7
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2020-3911 CRITICAL Act Now

A buffer overflow was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-3910 CRITICAL Act Now

A buffer overflow was addressed with improved size validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-3909 CRITICAL Act Now

A buffer overflow was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple Icloud Itunes +6
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2020-3902 MEDIUM This Month

An input validation issue was addressed with improved input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple Icloud Itunes +4
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2020-3901 HIGH This Week

A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Memory Corruption Apple Icloud +6
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-3900 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2020-3899 HIGH This Week

A memory consumption issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-3897 HIGH This Week

A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Memory Corruption Apple Icloud +6
NVD
CVSS 3.1
8.8
EPSS
4.4%
CVE-2020-3895 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
8.8
EPSS
2.6%
CVE-2020-3894 LOW Monitor

A race condition was addressed with additional validation. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Race Condition Microsoft Apple Icloud +5
NVD
CVSS 3.1
3.1
EPSS
1.1%
CVE-2020-3887 MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple Icloud Itunes +4
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2020-3885 MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple Icloud Itunes +4
NVD
CVSS 3.1
4.3
EPSS
1.7%
CVE-2020-3878 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple RCE Information Disclosure +7
NVD
CVSS 3.1
7.8
EPSS
9.2%
CVE-2020-3868 HIGH PATCH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
8.8
EPSS
2.6%
CVE-2020-3867 MEDIUM PATCH This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Apple Icloud Itunes +6
NVD
CVSS 3.1
6.1
EPSS
1.4%
CVE-2020-3865 HIGH PATCH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-3862 MEDIUM PATCH This Month

A denial of service issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2020-3846 HIGH This Week

A buffer overflow was addressed with improved size validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft Apple Icloud +6
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-3826 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple RCE Information Disclosure +7
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-3825 HIGH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +6
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2019-8823 HIGH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple RCE Memory Corruption +6
NVD
CVSS 3.1
8.8
EPSS
1.9%
EPSS 1% CVSS 6.5
MEDIUM This Month

A logic issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Microsoft +7
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Microsoft +8
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Authentication Bypass +7
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A memory initialization issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Information Disclosure +8
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

An input validation issue was addressed with improved input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft XSS +8
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Information Disclosure +8
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE +7
NVD
EPSS 3% CVSS 7.5
HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Apple +6
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption +14
NVD
EPSS 10% CVSS 7.8
HIGH KEV THREAT This Week

A type confusion issue was addressed with improved state handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Apple +7
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption +10
NVD
EPSS 2% CVSS 7.8
HIGH This Week

An out-of-bounds write was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 3% CVSS 7.8
HIGH This Week

An integer overflow was addressed through improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Microsoft +8
NVD
EPSS 8% CVSS 7.8
HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption +10
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption +10
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

An information disclosure issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Information Disclosure +6
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple +7
NVD
EPSS 2% CVSS 7.8
HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE +8
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A logic issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple +9
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple +9
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple +9
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 6% CVSS 7.8
HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft +9
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple +9
NVD
EPSS 2% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +10
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An integer overflow was addressed through improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Microsoft +8
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple +9
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 2% CVSS 8.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +9
NVD
EPSS 1% CVSS 7.1
HIGH This Week

An input validation issue was addressed with improved input validation. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple +7
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Apple +11
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple +7
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A URL Unicode encoding issue was addressed with improved state management. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple +7
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An access issue existed in Content Security Policy. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple +7
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Multiple issues were addressed with improved logic. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Apple +7
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

A use after free issue was addressed with improved memory management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption +10
NVD
EPSS 3% CVSS 4.3
MEDIUM This Month

An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple +9
NVD
EPSS 3% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption +10
NVD
EPSS 2% CVSS 7.8
HIGH This Week

A command injection issue existed in Web Inspector. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Command Injection Apple +7
NVD
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Sqlite +15
NVD
EPSS 77% CVSS 9.8
CRITICAL POC THREAT Emergency

A logic issue was addressed with improved restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Microsoft Apple +7
NVD GitHub
EPSS 1% CVSS 7.1
HIGH This Week

An input validation issue was addressed with improved input validation. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple +7
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 1% CVSS 7.1
HIGH This Week

A logic issue was addressed with improved restrictions. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple +7
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A memory corruption issue was addressed with improved validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft +8
NVD
EPSS 8% CVSS 8.8
HIGH This Week

A logic issue was addressed with improved restrictions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Apple +7
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Memory Corruption +8
NVD
EPSS 2% CVSS 8.1
HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Buffer Overflow +9
NVD
EPSS 2% CVSS 8.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 2% CVSS 8.8
HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Sqlite Fedora +16
NVD
EPSS 1% CVSS 7.0
HIGH PATCH This Week

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. Rated high severity (CVSS 7.0). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure +19
NVD
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Integer Overflow Sqlite +14
NVD
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr +11
NVD GitHub
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Openexr +11
NVD GitHub
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr +11
NVD GitHub
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr +11
NVD GitHub
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr +10
NVD GitHub
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr +11
NVD GitHub
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Openexr +10
NVD GitHub
EPSS 2% CVSS 5.5
MEDIUM POC This Month

An issue was discovered in OpenEXR before 2.4.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Openexr +11
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption +9
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A buffer overflow was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple +7
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A buffer overflow was addressed with improved size validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple +7
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

A buffer overflow was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple +8
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

An input validation issue was addressed with improved input validation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Microsoft Apple +6
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Memory Corruption +8
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 4% CVSS 8.8
HIGH This Week

A memory consumption issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Apple +7
NVD
EPSS 4% CVSS 8.8
HIGH This Week

A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE Memory Corruption +8
NVD
EPSS 3% CVSS 8.8
HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 1% CVSS 3.1
LOW Monitor

A race condition was addressed with additional validation. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Race Condition Microsoft +7
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple +6
NVD
EPSS 2% CVSS 4.3
MEDIUM This Month

A logic issue was addressed with improved restrictions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple +6
NVD
EPSS 9% CVSS 7.8
HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple +9
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Apple +8
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Microsoft Buffer Overflow Memory Corruption +9
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

A denial of service issue was addressed with improved memory handling. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Apple +7
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A buffer overflow was addressed with improved size validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft +8
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple +9
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption +8
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple +8
NVD
Page 1 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy