Vulnerabilities > Apple > Ipados > 13.1

DATE CVE VULNERABILITY TITLE RISK
2019-12-18 CVE-2019-8789 Link Following vulnerability in Apple Iphone OS
A validation issue existed in the handling of symlinks.
local
low complexity
apple CWE-59
5.5
5.5
2019-12-18 CVE-2019-8788 Improper Input Validation vulnerability in Apple Iphone OS
An issue existed in the parsing of URLs.
network
low complexity
apple CWE-20
7.5
7.5
2019-12-18 CVE-2019-8787 Out-of-bounds Read vulnerability in Apple products
An out-of-bounds read was addressed with improved input validation.
network
low complexity
apple CWE-125
7.5
7.5
2019-12-18 CVE-2019-8786 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling.
local
low complexity
apple CWE-787
7.8
7.8
2019-12-18 CVE-2019-8785 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling.
local
low complexity
apple CWE-787
7.8
7.8
2019-12-18 CVE-2019-8784 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling.
local
low complexity
apple CWE-787
7.8
7.8
2019-12-18 CVE-2019-8783 Out-of-bounds Write vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple CWE-787
8.8
8.8
2019-12-18 CVE-2019-8782 Out-of-bounds Write vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple CWE-787
8.8
8.8
2019-12-18 CVE-2019-8779 Exposure of Resource to Wrong Sphere vulnerability in Apple Ipados and Iphone OS
A logic issue applied the incorrect restrictions.
network
low complexity
apple CWE-668
critical
 10.0
10
2019-12-11 CVE-2019-14899 A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream.
low complexity
freebsd linux openbsd apple
7.4
7.4