CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8763 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8763
08 Oct 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 13.1 y iPadOS versión 13.1, tvOS versión 13, Safari versión 1... • https://security.gentoo.org/glsa/202003-22 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 26EXPL: 0CVE-2019-15165 – libpcap: Resource exhaustion during PHB header length validation
https://notcve.org/view.php?id=CVE-2019-15165
03 Oct 2019 — sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. En el archivo sf-pcapng.c en libpcap versiones anteriores a 1.9.1, no comprueba apropiadamente la longitud del encabezado PHB antes de asignar la memoria. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The compliance-operator image updates are now available for OpenShift Container Platf... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00051.html • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 2.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8775 – Apple Security Advisory 2019-10-29-11
https://notcve.org/view.php?id=CVE-2019-8775
29 Sep 2019 — The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen. El problema fue abordado restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema es corregido en iOS versión 13.1 y iPadOS versión 13.1. • https://support.apple.com/HT210603 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8779 – Apple Security Advisory 2019-9-27-1
https://notcve.org/view.php?id=CVE-2019-8779
29 Sep 2019 — A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions. Un problema lógico aplicó las restricciones incorrectas. • https://support.apple.com/HT210624 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 1CVE-2013-0340 – Apple Security Advisory 2021-10-26-11
https://notcve.org/view.php?id=CVE-2013-0340
21 Jan 2014 — expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issu... • http://openwall.com/lists/oss-security/2013/02/22/3 • CWE-611: Improper Restriction of XML External Entity Reference •