Vulnerabilities > Apple > MAC OS X > 10.3

DATE CVE VULNERABILITY TITLE RISK
2020-02-27 CVE-2020-3846 XML Injection (aka Blind XPath Injection) vulnerability in Apple products
A buffer overflow was addressed with improved size validation.
network
apple CWE-91
6.8
2020-02-27 CVE-2020-3845 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X
A memory corruption issue was addressed with improved memory handling.
network
apple CWE-119
critical
9.3
2020-02-27 CVE-2020-3842 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling.
network
apple CWE-119
critical
9.3
2020-02-27 CVE-2020-3840 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An off by one issue existed in the handling of racoon configuration files.
network
apple CWE-119
6.8
2020-02-27 CVE-2020-3839 Improper Input Validation vulnerability in Apple mac OS X
A validation issue was addressed with improved input sanitization.
local
low complexity
apple CWE-20
2.1
2020-02-27 CVE-2020-3838 Incorrect Default Permissions vulnerability in Apple products
The issue was addressed with improved permissions logic.
network
apple CWE-276
critical
9.3
2020-02-27 CVE-2020-3837 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling.
network
apple CWE-119
critical
9.3
2020-02-27 CVE-2020-3836 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An access issue was addressed with improved memory management.
local
low complexity
apple CWE-119
2.1
2020-02-27 CVE-2020-3835 Link Following vulnerability in Apple mac OS X
A validation issue existed in the handling of symlinks.
local
low complexity
apple CWE-59
3.6
2020-02-27 CVE-2020-3830 Link Following vulnerability in Apple mac OS X
A validation issue existed in the handling of symlinks.
local
low complexity
apple CWE-59
3.6