Vulnerabilities > Apple > MAC OS X > 10.15.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-01 | CVE-2020-3903 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X A memory corruption issue was addressed with improved memory handling. | 9.3 |
| 2020-04-01 | CVE-2020-3893 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X A memory corruption issue was addressed with improved input validation. | 9.3 |
| 2020-04-01 | CVE-2020-3892 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X A memory corruption issue was addressed with improved input validation. | 9.3 |
| 2020-04-01 | CVE-2020-3889 | Information Exposure vulnerability in Apple mac OS X A logic issue was addressed with improved state management. | 2.1 |
| 2020-04-01 | CVE-2020-3884 | Injection vulnerability in Apple mac OS X An injection issue was addressed with improved validation. | 4.3 |
| 2020-04-01 | CVE-2020-3881 | Information Exposure vulnerability in Apple mac OS X A logic issue was addressed with improved state management. | 2.1 |
| 2020-02-27 | CVE-2020-3878 | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 6.8 |
| 2020-02-24 | CVE-2019-20044 | Improper Check for Dropped Privileges vulnerability in multiple products In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. | 7.8 |
| 2019-12-19 | CVE-2019-19906 | Off-by-one Error vulnerability in multiple products cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. | 7.5 |
| 2019-12-11 | CVE-2019-14899 | Man-in-the-Middle vulnerability in multiple products A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. | 7.4 |