Vulnerabilities > Apple > Itunes > 12.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-01 | CVE-2020-3885 | Always-Incorrect Control Flow Implementation vulnerability in Apple products A logic issue was addressed with improved restrictions. | 4.3 |
| 2020-02-27 | CVE-2020-3878 | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 6.8 |
| 2020-02-27 | CVE-2020-3868 | Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. | 9.3 |
| 2020-02-27 | CVE-2020-3867 | Cross-site Scripting vulnerability in multiple products A logic issue was addressed with improved state management. | 4.3 |
| 2020-02-27 | CVE-2020-3865 | Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. | 6.8 |
| 2020-02-27 | CVE-2020-3862 | A denial of service issue was addressed with improved memory handling. | 4.3 |
| 2020-02-27 | CVE-2020-3861 | Missing Authorization vulnerability in Apple Itunes The issue was addressed with improved permissions logic. | 3.6 |
| 2020-02-27 | CVE-2020-3846 | XML Injection (aka Blind XPath Injection) vulnerability in Apple products A buffer overflow was addressed with improved size validation. | 6.8 |
| 2020-02-27 | CVE-2020-3826 | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 6.8 |
| 2020-02-27 | CVE-2020-3825 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. | 6.8 |