Vulnerabilities > Apple > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-02-12 CVE-2014-9390 Improper Input Validation vulnerability in multiple products
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before 08-12-2014; and JGit all versions before 08-12-2014 allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2) a git~1/config representation, or (3) mixed case that is improperly handled on a case-insensitive filesystem.
network
low complexity
git-scm mercurial apple eclipse libgit2 CWE-20
critical
 9.8
9.8
2019-12-20 CVE-2012-6094 Incorrect Authorization vulnerability in multiple products
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system
network
low complexity
apple debian CWE-863
critical
 9.8
9.8
2019-12-18 CVE-2019-8849 Unspecified vulnerability in Apple Swiftnio SSL
The issue was addressed by signaling that an executable stack is not required.
network
low complexity
apple
critical
 9.8
9.8
2019-12-18 CVE-2019-8779 Exposure of Resource to Wrong Sphere vulnerability in Apple Ipados and Iphone OS
A logic issue applied the incorrect restrictions.
network
low complexity
apple CWE-668
critical
 10.0
10
2019-12-18 CVE-2019-8750 Out-of-bounds Write vulnerability in Apple Icloud and Watchos
Multiple memory corruption issues were addressed with improved input validation.
network
low complexity
apple CWE-787
critical
 9.8
9.8
2019-12-18 CVE-2019-8662 Deserialization of Untrusted Data vulnerability in Apple products
This issue was addressed with improved checks.
network
low complexity
apple CWE-502
critical
 9.8
9.8
2019-12-18 CVE-2019-8661 Use After Free vulnerability in Apple mac OS X
A use after free issue was addressed with improved memory management.
network
low complexity
apple CWE-416
critical
 9.8
9.8
2019-12-18 CVE-2019-8660 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved input validation.
network
low complexity
apple CWE-787
critical
 9.8
9.8
2019-12-18 CVE-2019-8648 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved input validation.
network
low complexity
apple CWE-787
critical
 9.8
9.8
2019-12-18 CVE-2019-8647 Use After Free vulnerability in Apple Tvos
A use after free issue was addressed with improved memory management.
network
low complexity
apple CWE-416
critical
 9.8
9.8