Tvos

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-18	CVE-2019-7293	Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved memory handling. local low complexity apple CWE-787	5.5
2019-12-18	CVE-2019-7292	Improper Input Validation vulnerability in Apple products A validation issue was addressed with improved logic. network low complexity apple CWE-20	6.5
2019-12-18	CVE-2019-7285	Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. network low complexity apple CWE-416	8.8
2019-12-18	CVE-2019-6237	Out-of-bounds Write vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. network low complexity apple CWE-787	8.8
2019-12-18	CVE-2019-6207	Out-of-bounds Read vulnerability in Apple products An out-of-bounds read issue existed that led to the disclosure of kernel memory. local low complexity apple CWE-125	5.5
2019-12-18	CVE-2019-6201	Out-of-bounds Write vulnerability in Apple products Multiple memory corruption issues were addressed with improved memory handling. network low complexity apple CWE-787	8.8
2019-12-11	CVE-2019-14899	Man-in-the-Middle vulnerability in multiple products A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. low complexity freebsd linux openbsd apple CWE-300	7.4
2019-10-03	CVE-2019-15165	Allocation of Resources Without Limits or Throttling vulnerability in multiple products sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. network low complexity tcpdump debian opensuse oracle apple canonical fedoraproject CWE-770	5.3
2019-08-14	CVE-2019-9506	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. low complexity google apple canonical debian opensuse redhat huawei CWE-327	8.1
2019-07-01	CVE-2019-13118	Type Confusion vulnerability in multiple products In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. network low complexity xmlsoft opensuse netapp oracle fedoraproject canonical apple CWE-843	5.3