Vulnerabilities > Apple > Itunes > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-18 CVE-2019-8608 Use After Free vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple CWE-416
6.3
2019-12-18 CVE-2019-8607 Out-of-bounds Read vulnerability in Apple products
An out-of-bounds read was addressed with improved input validation.
network
low complexity
apple CWE-125
6.5
2019-12-18 CVE-2019-8598 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An input validation issue was addressed with improved input validation.
local
low complexity
apple CWE-119
5.5
2019-12-18 CVE-2019-8597 Type Confusion vulnerability in Apple products
Multiple memory corruption issues were addressed with improved memory handling.
network
low complexity
apple CWE-843
6.5
2019-12-18 CVE-2019-8551 Cross-site Scripting vulnerability in Apple products
A logic issue was addressed with improved validation.
network
low complexity
apple CWE-79
6.1
2019-12-18 CVE-2019-8515 Improper Input Validation vulnerability in Apple products
A cross-origin issue existed with the fetch API.
network
low complexity
apple CWE-20
6.5
2019-12-18 CVE-2019-7292 Improper Input Validation vulnerability in Apple products
A validation issue was addressed with improved logic.
network
low complexity
apple CWE-20
6.5
2019-07-01 CVE-2019-13118 Type Confusion vulnerability in multiple products
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
5.3
2019-04-03 CVE-2018-4440 Improper Input Validation vulnerability in Apple products
A logic issue was addressed with improved state management.
network
low complexity
apple CWE-20
4.3
2019-04-03 CVE-2018-4439 Improper Input Validation vulnerability in Apple products
A logic issue was addressed with improved validation.
network
low complexity
apple CWE-20
6.5