Vulnerabilities > Apple > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-04-01 CVE-2020-3850 Out-of-bounds Write vulnerability in Apple mac OS X
A memory corruption issue was addressed with improved input validation.
network
low complexity
apple CWE-787
critical
9.8
2020-04-01 CVE-2020-3849 Out-of-bounds Write vulnerability in Apple mac OS X
A memory corruption issue was addressed with improved input validation.
network
low complexity
apple CWE-787
critical
9.8
2020-04-01 CVE-2020-3848 Out-of-bounds Write vulnerability in Apple mac OS X
A memory corruption issue was addressed with improved input validation.
network
low complexity
apple CWE-787
critical
9.8
2020-04-01 CVE-2020-3847 Out-of-bounds Read vulnerability in Apple mac OS X
An out-of-bounds read was addressed with improved input validation.
network
low complexity
apple CWE-125
critical
9.8
2020-04-01 CVE-2020-9769 Unspecified vulnerability in Apple mac OS X
Multiple issues were addressed by updating to version 8.1.1850.
network
low complexity
apple
critical
9.8
2020-04-01 CVE-2020-3911 Classic Buffer Overflow vulnerability in Apple products
A buffer overflow was addressed with improved bounds checking.
network
low complexity
apple CWE-120
critical
9.8
2020-04-01 CVE-2020-3910 Classic Buffer Overflow vulnerability in Apple products
A buffer overflow was addressed with improved size validation.
network
low complexity
apple CWE-120
critical
9.8
2020-04-01 CVE-2020-3909 Classic Buffer Overflow vulnerability in multiple products
A buffer overflow was addressed with improved bounds checking.
network
low complexity
apple oracle CWE-120
critical
9.8
2020-02-12 CVE-2014-9390 Improper Input Validation vulnerability in multiple products
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before 08-12-2014; and JGit all versions before 08-12-2014 allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2) a git~1/config representation, or (3) mixed case that is improperly handled on a case-insensitive filesystem.
network
low complexity
git-scm mercurial apple eclipse libgit2 CWE-20
critical
9.8
2019-12-20 CVE-2012-6094 Incorrect Authorization vulnerability in multiple products
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system
network
low complexity
apple debian CWE-863
critical
9.8