Vulnerabilities > Apple > Itunes > 12.9.0

DATE CVE VULNERABILITY TITLE RISK
2019-04-03 CVE-2018-20505 SQL Injection vulnerability in multiple products
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).
network
low complexity
sqlite apple CWE-89
7.5
7.5
2019-03-05 CVE-2019-6234 Out-of-bounds Write vulnerability in multiple products
A memory corruption issue was addressed with improved memory handling.
network
low complexity
apple webkitgtk CWE-787
8.8
8.8
2019-03-05 CVE-2019-6233 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling.
network
low complexity
apple CWE-787
8.8
8.8
2019-03-05 CVE-2019-6229 Cross-site Scripting vulnerability in Apple products
A logic issue was addressed with improved validation.
network
low complexity
apple CWE-79
6.1
6.1
2019-03-05 CVE-2019-6227 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling.
network
low complexity
apple CWE-787
8.8
8.8
2019-03-05 CVE-2019-6226 Out-of-bounds Write vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple CWE-787
8.8
8.8
2019-03-05 CVE-2019-6221 Out-of-bounds Read vulnerability in Apple Iphone OS
An out-of-bounds read was addressed with improved bounds checking.
local
low complexity
apple CWE-125
7.8
7.8
2019-03-05 CVE-2019-6217 Out-of-bounds Write vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple CWE-787
8.8
8.8
2019-03-05 CVE-2019-6216 Out-of-bounds Write vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple CWE-787
8.8
8.8
2019-03-05 CVE-2019-6215 Type Confusion vulnerability in multiple products
A type confusion issue was addressed with improved memory handling.
network
low complexity
apple canonical CWE-843
8.8
8.8