Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-29625 | 1 Apple | 2 Mac Os X, Macos | 2021-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2018-17914 | 1 Aveva | 3 Edge, Indusoft Web Studio, Intouch Machine Edition 2014 | 2021-04-08 | 10.0 HIGH | 9.8 CRITICAL |
| InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. This vulnerability could allow an unauthenticated user to remotely execute code with the same privileges as that of the InduSoft Web Studio or InTouch Edge HMI (formerly InTouch Machine Edition) runtime. | |||||
| CVE-2021-28832 | 1 Vim Project | 1 Vim | 2021-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via a crafted workspace configuration. | |||||
| CVE-2021-1818 | 1 Apple | 6 Ipad Os, Iphone Os, Mac Os X and 3 more | 2021-04-08 | 7.5 HIGH | 9.8 CRITICAL |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | |||||
| CVE-2021-29261 | 1 Svelte | 1 Svelte | 2021-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| The unofficial Svelte extension before 104.8.0 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace configuration. | |||||
| CVE-2019-20463 | 1 Sannce | 2 Smart Hd Wifi Security Camera Ean 2 950004 595317, Smart Hd Wifi Security Camera Ean 2 950004 595317 Firmware | 2021-04-08 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. A crash and reboot can be triggered by crafted IP traffic, as demonstrated by the Nikto vulnerability scanner. For example, sending the 111111 string to UDP port 20188 causes a reboot. To deny service for a long time period, the crafted IP traffic may be sent periodically. | |||||
| CVE-2021-1800 | 1 Apple | 1 Xcode | 2021-04-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| A path handling issue was addressed with improved validation. This issue is fixed in Xcode 12.4. A malicious application may be able to access arbitrary files on the host device while running an app that uses on-demand resources with Xcode. | |||||
| CVE-2021-1803 | 1 Apple | 1 Macos | 2021-04-08 | 4.3 MEDIUM | 3.3 LOW |
| The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.0.1. A local application may be able to enumerate the user's iCloud documents. | |||||
| CVE-2020-29614 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2021-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted file may lead to heap corruption. | |||||
| CVE-2020-27949 | 1 Apple | 2 Mac Os X, Macos | 2021-04-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may cause unexpected changes in memory belonging to processes traced by DTrace. | |||||
| CVE-2008-1329 | 2 Broadcom, Computer Associates | 3 Desktop Management Suite, Arcserve Backup Laptops And Desktops, Desktop Management Suite | 2021-04-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads." | |||||
| CVE-2011-3849 | 1 Broadcom | 1 Directory | 2021-04-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in dxserver before 6279 in CA Directory 8.1 and CA Directory r12 before SP7 CR1 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP packet. | |||||
| CVE-2020-29613 | 1 Apple | 2 Ipados, Iphone Os | 2021-04-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 14.3 and iPadOS 14.3. An enterprise application installation prompt may display the wrong domain. | |||||
| CVE-2020-9971 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2021-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| A logic issue was addressed with improved validation. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. A malicious application may be able to elevate privileges. | |||||
| CVE-2019-20465 | 1 Sannce | 2 Smart Hd Wifi Security Camera Ean 2 950004 595317, Smart Hd Wifi Security Camera Ean 2 950004 595317 Firmware | 2021-04-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. It is possible (using TELNET without a password) to control the camera's pan/zoom/tilt functionality. | |||||
| CVE-2020-9978 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2021-04-07 | 2.7 LOW | 4.5 MEDIUM |
| This issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An attacker in a privileged network position may be able to unexpectedly alter application state. | |||||
| CVE-2021-1742 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2021-04-07 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2020-27939 | 1 Apple | 1 Macos | 2021-04-07 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2010-2157 | 1 Microsoft | 1 Windows | 2021-04-07 | 2.1 LOW | N/A |
| Unspecified vulnerability in CA ARCserve Backup r11.5 SP4, r12.0 SP2, and r12.5 SP1 on Windows allows local users to obtain sensitive information via unknown vectors. | |||||
| CVE-2020-27951 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2021-04-07 | 6.8 MEDIUM | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in watchOS 6.3, iOS 12.5, iOS 14.3 and iPadOS 14.3, watchOS 7.2. Unauthorized code execution may lead to an authentication policy violation. | |||||