Vulnerabilities > Apple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-18 | CVE-2019-6204 | Cross-site Scripting vulnerability in Apple Safari A logic issue was addressed with improved validation. | 4.3 |
| 2019-12-18 | CVE-2019-6201 | Out-of-bounds Write vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. | 9.3 |
| 2019-12-11 | CVE-2019-14899 | Man-in-the-Middle vulnerability in multiple products A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. | 7.4 |
| 2019-11-22 | CVE-2019-9536 | Improper Privilege Management vulnerability in Apple Iphone 3GS Apple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer when unable to allocate memory, aka 'alloc8'. | 6.9 |
| 2019-10-03 | CVE-2019-15165 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. | 5.3 |
| 2019-10-03 | CVE-2019-15166 | Classic Buffer Overflow vulnerability in multiple products lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. | 7.5 |
| 2019-10-03 | CVE-2018-16451 | Out-of-bounds Read vulnerability in multiple products The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. | 7.5 |
| 2019-10-03 | CVE-2018-16230 | Out-of-bounds Read vulnerability in multiple products The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). | 7.5 |
| 2019-10-03 | CVE-2018-16229 | Out-of-bounds Read vulnerability in multiple products The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). | 7.5 |
| 2019-10-03 | CVE-2018-16228 | Out-of-bounds Read vulnerability in multiple products The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). | 7.5 |