| 2020-02-27 | CVE-2020-3878 | Out-of-bounds Read vulnerability in Apple products
An out-of-bounds read was addressed with improved input validation. | 7.8 |
| 2020-02-24 | CVE-2019-20044 | Improper Check for Dropped Privileges vulnerability in multiple products
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. | 7.8 |
| 2019-12-18 | CVE-2019-8760 | Improper Authentication vulnerability in Apple Iphone OS
This issue was addressed by improving Face ID machine learning models. | 6.8 |
| 2019-12-18 | CVE-2019-8742 | Unspecified vulnerability in Apple Iphone OS
The issue was addressed by restricting options offered on a locked device. | 2.4 |
| 2019-12-18 | CVE-2019-8731 | Incorrect Default Permissions vulnerability in Apple Iphone OS
A permissions issue existed in which execute permission was incorrectly granted. | 5.5 |
| 2019-12-18 | CVE-2019-8727 | Unspecified vulnerability in Apple Iphone OS
A logic issue was addressed with improved state management. network low complexity apple | 4.3 |
| 2019-12-18 | CVE-2019-8711 | Improper Input Validation vulnerability in Apple Iphone OS
A logic issue existed with the display of notification previews. | 5.3 |
| 2019-12-18 | CVE-2019-8704 | Improper Authentication vulnerability in Apple Tvos
An authentication issue was addressed with improved state management. | 5.5 |
| 2019-12-18 | CVE-2019-8674 | Cross-site Scripting vulnerability in multiple products
A logic issue was addressed with improved state management. | 6.1 |
| 2019-12-11 | CVE-2019-14899 | A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. | 7.4 |