| 2019-12-18 | CVE-2019-8583 | Out-of-bounds Write vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling. | 8.8 |
| 2019-12-18 | CVE-2019-8577 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An input validation issue was addressed with improved memory handling. | 7.8 |
| 2019-12-18 | CVE-2019-8576 | Out-of-bounds Read vulnerability in Apple products
An out-of-bounds read was addressed with improved bounds checking. | 7.1 |
| 2019-12-18 | CVE-2019-8574 | Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling. | 7.8 |
| 2019-12-18 | CVE-2019-8571 | Out-of-bounds Write vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling. | 8.8 |
| 2019-12-18 | CVE-2019-8568 | Link Following vulnerability in Apple products
A validation issue existed in the handling of symlinks. | 5.5 |
| 2019-12-18 | CVE-2019-8560 | Out-of-bounds Read vulnerability in Apple products
An out-of-bounds read was addressed with improved bounds checking. | 5.5 |
| 2019-12-18 | CVE-2019-6237 | Out-of-bounds Write vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling. | 8.8 |
| 2019-12-11 | CVE-2019-14899 | A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. | 7.4 |
| 2019-07-01 | CVE-2019-13118 | Type Confusion vulnerability in multiple products
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. | 5.3 |