Vulnerabilities > Apple > Iphone OS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-18 | CVE-2019-6237 | Out-of-bounds Write vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. | 8.8 |
| 2019-12-18 | CVE-2019-6222 | Unspecified vulnerability in Apple Iphone OS A consistency issue was addressed with improved state handling. | 4.3 |
| 2019-12-18 | CVE-2019-6207 | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read issue existed that led to the disclosure of kernel memory. | 5.5 |
| 2019-12-18 | CVE-2019-6204 | Cross-site Scripting vulnerability in Apple Iphone OS A logic issue was addressed with improved validation. | 6.1 |
| 2019-12-18 | CVE-2019-6201 | Out-of-bounds Write vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. | 8.8 |
| 2019-12-11 | CVE-2019-14899 | A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. | 7.4 |
| 2019-10-03 | CVE-2019-15165 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. | 5.3 |
| 2019-08-14 | CVE-2019-9506 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. | 8.1 |
| 2019-07-01 | CVE-2019-13118 | Type Confusion vulnerability in multiple products In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. | 5.3 |
| 2019-04-03 | CVE-2018-4465 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS A memory corruption issue was addressed with improved memory handling. | 7.8 |