Vulnerabilities > Apple > MAC OS X > 10.15.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-14 | CVE-2020-11761 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in OpenEXR before 2.4.1. | 5.5 |
2020-04-14 | CVE-2020-11760 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in OpenEXR before 2.4.1. | 5.5 |
2020-04-14 | CVE-2020-11759 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in OpenEXR before 2.4.1. | 5.5 |
2020-04-14 | CVE-2020-11758 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in OpenEXR before 2.4.1. | 5.5 |
2020-04-02 | CVE-2019-14868 | Command Injection vulnerability in multiple products In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. | 7.8 |
2020-02-27 | CVE-2020-3878 | Out-of-bounds Read vulnerability in Apple products An out-of-bounds read was addressed with improved input validation. | 6.8 |
2020-02-24 | CVE-2019-20044 | Improper Check for Dropped Privileges vulnerability in multiple products In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. | 7.8 |
2019-12-19 | CVE-2019-19906 | Off-by-one Error vulnerability in multiple products cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. | 7.5 |
2019-12-11 | CVE-2019-14899 | Man-in-the-Middle vulnerability in multiple products A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. | 7.4 |
2016-07-23 | CVE-2016-5131 | Use After Free vulnerability in multiple products Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. | 8.8 |