Vulnerabilities > Apple > Macos > 7.6.1

DATE CVE VULNERABILITY TITLE RISK
2020-12-08 CVE-2020-27898 Unchecked Return Value vulnerability in Apple Macos
A denial of service issue was addressed with improved state handling.
local
low complexity
apple CWE-252
5.5
5.5
2020-12-08 CVE-2020-9972 Classic Buffer Overflow vulnerability in Apple products
A buffer overflow issue was addressed with improved memory handling.
local
low complexity
apple CWE-120
7.8
7.8
2020-12-08 CVE-2020-9965 Out-of-bounds Read vulnerability in Apple products
An out-of-bounds read was addressed with improved input validation.
local
low complexity
apple CWE-125
7.8
7.8
2020-12-08 CVE-2020-9849 Information Exposure vulnerability in Apple products
An information disclosure issue was addressed with improved state management.
network
low complexity
apple CWE-200
6.5
6.5
2020-12-08 CVE-2020-10014 Path Traversal vulnerability in Apple mac OS X and Macos
A parsing issue in the handling of directory paths was addressed with improved path validation.
local
low complexity
apple CWE-22
6.3
6.3
2020-12-08 CVE-2020-10012 Cross-site Scripting vulnerability in Apple mac OS X and Macos
An access issue was addressed with improved access restrictions.
network
low complexity
apple CWE-79
6.1
6.1
2020-11-03 CVE-2020-15969 Use After Free vulnerability in multiple products
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse apple CWE-416
8.8
8.8
2020-06-27 CVE-2020-15358 Out-of-bounds Write vulnerability in multiple products
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
local
low complexity
sqlite canonical apple oracle siemens CWE-787
5.5
5.5
2020-06-15 CVE-2020-14155 Integer Overflow or Wraparound vulnerability in multiple products
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
network
low complexity
pcre apple gitlab oracle netapp splunk CWE-190
5.3
5.3
2020-06-15 CVE-2019-20838 Out-of-bounds Read vulnerability in multiple products
libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.
network
low complexity
pcre apple splunk CWE-125
7.5
7.5