Vulnerabilities > Apple > Iphone OS > 3.1

DATE CVE VULNERABILITY TITLE RISK
2020-02-27 CVE-2020-3840 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An off by one issue existed in the handling of racoon configuration files.
network
apple CWE-119
6.8
2020-02-27 CVE-2020-3838 Incorrect Default Permissions vulnerability in Apple products
The issue was addressed with improved permissions logic.
network
apple CWE-276
critical
9.3
2020-02-27 CVE-2020-3837 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling.
network
apple CWE-119
critical
9.3
2020-02-27 CVE-2020-3836 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An access issue was addressed with improved memory management.
local
low complexity
apple CWE-119
2.1
2020-02-27 CVE-2020-3831 Race Condition vulnerability in Apple Ipados and Iphone OS
A race condition was addressed with improved locking.
network
high complexity
apple CWE-362
7.6
2020-02-27 CVE-2020-3829 Out-of-bounds Read vulnerability in Apple products
An out-of-bounds read was addressed with improved bounds checking.
network
apple CWE-125
critical
9.3
2020-02-27 CVE-2020-3828 Information Exposure vulnerability in Apple Ipados and Iphone OS
A lock screen issue allowed access to contacts on a locked device.
local
low complexity
apple CWE-200
2.1
2020-02-27 CVE-2020-3826 Out-of-bounds Read vulnerability in Apple products
An out-of-bounds read was addressed with improved input validation.
network
apple CWE-125
6.8
2020-02-27 CVE-2020-3825 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
apple CWE-119
6.8
2020-02-24 CVE-2019-20044 Improper Check for Dropped Privileges vulnerability in multiple products
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option.
local
low complexity
zsh fedoraproject debian apple CWE-273
7.8