Vulnerabilities > Apple > Iphone OS > 14.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-02 | CVE-2020-29608 | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved bounds checking. | 4.3 |
| 2021-04-02 | CVE-2020-27951 | Unspecified vulnerability in Apple Ipados and Iphone OS This issue was addressed with improved checks. network apple | 6.8 |
| 2021-04-02 | CVE-2020-27948 | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. | 6.8 |
| 2021-04-02 | CVE-2020-27946 | Information Exposure vulnerability in Apple products An information disclosure issue was addressed with improved state management. | 4.3 |
| 2021-04-02 | CVE-2020-27944 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products A memory corruption issue existed in the processing of font files. | 6.8 |
| 2021-04-02 | CVE-2020-27943 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products A memory corruption issue existed in the processing of font files. | 6.8 |
| 2021-03-26 | CVE-2020-7463 | Use After Free vulnerability in multiple products In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. | 5.5 |
| 2021-02-16 | CVE-2021-23841 | NULL Pointer Dereference vulnerability in multiple products The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. | 5.9 |
| 2020-12-08 | CVE-2020-9972 | Classic Buffer Overflow vulnerability in Apple products A buffer overflow issue was addressed with improved memory handling. | 6.8 |
| 2020-11-03 | CVE-2020-15969 | Use After Free vulnerability in multiple products Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |