13.2.2

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-27	CVE-2020-3836	Unspecified vulnerability in Apple products An access issue was addressed with improved memory management. local low complexity apple	5.5
2020-02-27	CVE-2020-3831	Race Condition vulnerability in Apple Iphone OS A race condition was addressed with improved locking. local high complexity apple CWE-362	7.0
2020-02-27	CVE-2020-3829	Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2020-02-27	CVE-2020-3828	Unspecified vulnerability in Apple Iphone OS A lock screen issue allowed access to contacts on a locked device. low complexity apple	2.4
2020-02-27	CVE-2020-3826	Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. local low complexity apple CWE-125	7.8
2020-02-27	CVE-2020-3825	Out-of-bounds Write vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. network low complexity apple CWE-787	8.8
2020-02-24	CVE-2019-20044	Improper Check for Dropped Privileges vulnerability in multiple products In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. local low complexity zsh fedoraproject debian apple CWE-273	7.8
2019-12-11	CVE-2019-14899	A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. low complexity freebsd linux openbsd apple	7.4