10.15

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-03	CVE-2018-14462	Out-of-bounds Read vulnerability in multiple products The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). network low complexity tcpdump redhat debian opensuse fedoraproject f5 apple CWE-125	7.5
2019-10-03	CVE-2018-14461	Out-of-bounds Read vulnerability in multiple products The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). network low complexity tcpdump redhat debian opensuse fedoraproject apple CWE-125	7.5
2019-08-09	CVE-2019-11042	Out-of-bounds Read vulnerability in multiple products When PHP EXIF extension is parsing EXIF information from an image, e.g. network low complexity php debian canonical apple opensuse redhat tenable CWE-125	7.1
2019-08-09	CVE-2019-11041	Out-of-bounds Read vulnerability in multiple products When PHP EXIF extension is parsing EXIF information from an image, e.g. network low complexity php debian canonical apple opensuse redhat tenable CWE-125	7.1
2019-07-26	CVE-2019-13565	An issue was discovered in OpenLDAP 2.x before 2.4.48. network low complexity openldap canonical debian opensuse f5 apple oracle	7.5
2019-07-26	CVE-2019-13057	An issue was discovered in the server in OpenLDAP before 2.4.48. network low complexity openldap canonical debian opensuse apple mcafee oracle	4.9
2016-09-25	CVE-2016-4778	Permissions, Privileges, and Access Controls vulnerability in Apple products The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. local low complexity apple CWE-264	7.8
2016-09-25	CVE-2016-4773	Out-of-bounds Read vulnerability in Apple products The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app, a different vulnerability than CVE-2016-4774 and CVE-2016-4776. local low complexity apple CWE-125	7.1
2016-09-25	CVE-2016-4772	Resource Management Errors vulnerability in Apple products The kernel in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to cause a denial of service (unintended lock) via unspecified vectors. network low complexity apple CWE-399	7.5
2016-09-25	CVE-2016-4658	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document. network low complexity apple xmlsoft CWE-119 critical	9.8