Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (16241 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-9983 3 Apple, Fedoraproject, Redhat 10 Icloud, Ipados, Iphone Os and 7 more 2024-11-21 8.8 High
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution.
CVE-2020-9952 3 Apple, Redhat, Webkit 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 7.1 High
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack.
CVE-2020-9951 4 Apple, Debian, Redhat and 1 more 11 Icloud, Ipados, Iphone Os and 8 more 2024-11-21 8.8 High
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-9948 4 Apple, Debian, Redhat and 1 more 5 Safari, Debian Linux, Enterprise Linux and 2 more 2024-11-21 8.8 High
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-9925 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 6.1 Medium
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2020-9915 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 6.5 Medium
An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
CVE-2020-9895 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 9.8 Critical
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
CVE-2020-9894 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 4.3 Medium
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
CVE-2020-9893 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 8.8 High
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
CVE-2020-9862 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 7.8 High
A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection.
CVE-2020-9850 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 9.8 Critical
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution.
CVE-2020-9843 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 7.1 High
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack.
CVE-2020-9807 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 8.8 High
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-9806 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 8.8 High
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-9805 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 7.1 High
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2020-9803 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2024-11-21 8.8 High
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-9548 5 Debian, Fasterxml, Netapp and 2 more 36 Debian Linux, Jackson-databind, Active Iq Unified Manager and 33 more 2024-11-21 9.8 Critical
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).
CVE-2020-9547 5 Debian, Fasterxml, Netapp and 2 more 28 Debian Linux, Jackson-databind, Active Iq Unified Manager and 25 more 2024-11-21 9.8 Critical
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap).
CVE-2020-9546 5 Debian, Fasterxml, Netapp and 2 more 42 Debian Linux, Jackson-databind, Active Iq Unified Manager and 39 more 2024-11-21 9.8 Critical
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).
CVE-2020-9490 7 Apache, Canonical, Debian and 4 more 28 Http Server, Ubuntu Linux, Debian Linux and 25 more 2024-11-21 7.5 High
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability for unpatched servers.