10.12.6

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-18	CVE-2019-6239	Unspecified vulnerability in Apple mac OS X This issue was addressed with improved handling of file metadata. local low complexity apple	4.6
2019-12-18	CVE-2019-6237	Out-of-bounds Write vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. network apple CWE-787	6.8
2019-12-18	CVE-2019-6207	Out-of-bounds Read vulnerability in Apple products An out-of-bounds read issue existed that led to the disclosure of kernel memory. local low complexity apple CWE-125	2.1
2019-12-11	CVE-2019-14899	Man-in-the-Middle vulnerability in multiple products A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. low complexity freebsd linux openbsd apple CWE-300	7.4
2019-10-03	CVE-2019-15166	Classic Buffer Overflow vulnerability in multiple products lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. network low complexity tcpdump apple debian fedoraproject opensuse redhat netapp canonical CWE-120	7.5
2019-10-03	CVE-2018-16451	Out-of-bounds Read vulnerability in multiple products The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. network low complexity tcpdump redhat debian opensuse fedoraproject apple CWE-125	7.5
2019-10-03	CVE-2018-16230	Out-of-bounds Read vulnerability in multiple products The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). network low complexity tcpdump redhat debian opensuse fedoraproject apple CWE-125	7.5
2019-10-03	CVE-2018-16229	Out-of-bounds Read vulnerability in multiple products The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). network low complexity tcpdump redhat debian opensuse fedoraproject f5 apple CWE-125	7.5
2019-10-03	CVE-2018-16228	Out-of-bounds Read vulnerability in multiple products The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). network low complexity tcpdump redhat debian opensuse fedoraproject apple CWE-125	7.5
2019-10-03	CVE-2018-16227	Out-of-bounds Read vulnerability in multiple products The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. network low complexity tcpdump redhat debian opensuse fedoraproject apple CWE-125	7.5