CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-6202 – Apple iOS mediaserverd cypc Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-6202
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate privileges. Se abordó una lectura fuera de límites con la mejora de la comprobación de límites. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y watchOS 5.1.3. • http://www.securityfocus.com/bid/106697 https://support.apple.com/HT209443 https://support.apple.com/HT209446 https://support.apple.com/HT209448 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-6200
https://notcve.org/view.php?id=CVE-2019-6200
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. An attacker in a privileged network position may be able to execute arbitrary code. Se abordó una lectura fuera de límites con la mejora de la validación de entradas. Este problema se ha resuelto en iOS 12.1.3 y macOS Mojave 10.14.3. • http://www.securityfocus.com/bid/106694 https://support.apple.com/HT209443 https://support.apple.com/HT209446 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4185
https://notcve.org/view.php?id=CVE-2018-4185
In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. En iOS en versiones anteriores a la 11.3, tvOS en versiones anteriores a la 11.3, watchOS en versiones anteriores a la 4.3 y macOS en versiones anteriores a High Sierra 10.13.4, existía un problema de divulgación de información en la transición del estado del programa. Este problema se abordó mediante la mejora del manejo de los estados. • https://support.apple.com/HT208692 https://support.apple.com/HT208693 https://support.apple.com/HT208696 https://support.apple.com/HT208698 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4254
https://notcve.org/view.php?id=CVE-2018-4254
In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue was addressed with improved input validation. En macOS High Sierra en versiones anteriores a la 10.13.5, existía un problema de validación de entradas en el kernel. Este problema se abordó mediante la mejora de la validación de entradas. • https://support.apple.com/HT208849 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13887
https://notcve.org/view.php?id=CVE-2017-13887
In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management. En macOS High Sierra en versiones anteriores a la 10.13.2, existía un problema de lógica en APFS al eliminar claves durante la hibernación. Esto fue abordado con la mejora de la gestión de estados. • https://support.apple.com/HT208331 • CWE-320: Key Management Errors •