10.15.1

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-27	CVE-2020-3835	Link Following vulnerability in Apple mac OS X A validation issue existed in the handling of symlinks. local low complexity apple CWE-59	4.4
2020-02-27	CVE-2020-3830	Link Following vulnerability in Apple mac OS X A validation issue existed in the handling of symlinks. local low complexity apple CWE-59	3.3
2020-02-27	CVE-2020-3829	Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved bounds checking. local low complexity apple CWE-125	7.8
2020-02-27	CVE-2020-3827	Out-of-bounds Write vulnerability in Apple mac OS X A memory corruption issue was addressed with improved input validation. local low complexity apple CWE-787	7.8
2020-02-27	CVE-2020-3826	Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. local low complexity apple CWE-125	7.8
2020-02-24	CVE-2019-20044	Improper Check for Dropped Privileges vulnerability in multiple products In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. local low complexity zsh fedoraproject debian apple CWE-273	7.8
2019-12-19	CVE-2019-19906	Off-by-one Error vulnerability in multiple products cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. network low complexity cyrusimap debian canonical fedoraproject redhat apple apache CWE-193	7.5
2019-12-11	CVE-2019-14899	A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. low complexity freebsd linux openbsd apple	7.4
2019-10-03	CVE-2019-15166	Classic Buffer Overflow vulnerability in multiple products lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. network low complexity tcpdump apple debian fedoraproject opensuse redhat netapp canonical CWE-120	7.5
2019-10-03	CVE-2018-16451	Out-of-bounds Read vulnerability in multiple products The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. network low complexity tcpdump redhat debian opensuse fedoraproject apple CWE-125	7.5