Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-18	CVE-2019-8608	Use After Free vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. network low complexity apple CWE-416	6.3
2019-12-18	CVE-2019-8607	Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. network low complexity apple CWE-125	6.5
2019-12-18	CVE-2019-8598	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An input validation issue was addressed with improved input validation. local low complexity apple CWE-119	5.5
2019-12-18	CVE-2019-8597	Type Confusion vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. network low complexity apple CWE-843	6.5
2019-12-18	CVE-2019-8551	Cross-site Scripting vulnerability in Apple products A logic issue was addressed with improved validation. network low complexity apple CWE-79	6.1
2019-12-18	CVE-2019-8515	Improper Input Validation vulnerability in Apple products A cross-origin issue existed with the fetch API. network low complexity apple CWE-20	6.5
2019-12-18	CVE-2019-7292	Improper Input Validation vulnerability in Apple products A validation issue was addressed with improved logic. network low complexity apple CWE-20	6.5
2019-07-01	CVE-2019-13118	Type Confusion vulnerability in multiple products In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. network low complexity xmlsoft opensuse netapp oracle fedoraproject canonical apple CWE-843	5.3
2019-04-03	CVE-2018-4440	Improper Input Validation vulnerability in Apple products A logic issue was addressed with improved state management. network low complexity apple CWE-20	4.3
2019-04-03	CVE-2018-4439	Improper Input Validation vulnerability in Apple products A logic issue was addressed with improved validation. network low complexity apple CWE-20	6.5