CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8769 – webkitgtk: Websites could reveal browsing history
https://notcve.org/view.php?id=CVE-2019-8769
An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. Se presentó un problema en el dibujado de los elementos de una página web. • https://security.gentoo.org/glsa/202003-22 https://support.apple.com/HT210634 https://access.redhat.com/security/cve/CVE-2019-8769 https://bugzilla.redhat.com/show_bug.cgi?id=1876617 •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8745 – Apple macOS CFFromShiftJISLen Out-Of-Bounds Read Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-8745
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution. Un desbordamiento del búfer fue abordado mejorando la comprobación de límites. Este problema es corregido en macOS Catalina versión 10.15, tvOS versión 13, iTunes para Windows versión 12.10.1, iCloud para Windows versión 10.7, iCloud para Windows versión 7.14. • https://support.apple.com/HT210634 https://support.apple.com/HT210635 https://support.apple.com/HT210636 https://support.apple.com/HT210637 https://support.apple.com/kb/HT210722 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-8717 – XNU - Remote Double-Free via Data Race in IPComp Input Path
https://notcve.org/view.php?id=CVE-2019-8717
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en macOS Catalina versión 10.15, tvOS versión 13. • https://www.exploit-db.com/exploits/47479 https://support.apple.com/HT210634 https://support.apple.com/kb/HT210722 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8539 – Apple macOS diskmanagementd Uninitialized Buffer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8539
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary code with system privileges. Se abordó un problema de inicialización de la memoria con un manejo de la memoria mejorada.  Este problema se corrigió en macOS Mojave versión 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. • https://support.apple.com/en-us/HT210348 •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2019-15165 – libpcap: Resource exhaustion during PHB header length validation
https://notcve.org/view.php?id=CVE-2019-15165
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. En el archivo sf-pcapng.c en libpcap versiones anteriores a 1.9.1, no comprueba apropiadamente la longitud del encabezado PHB antes de asignar la memoria. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00052.html http://seclists.org/fulldisclosure/2019/Dec/26 https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES https://github.com/the-tcpdump-group/libpcap/commit/87d6bef033062f969e70fa40c43dfd945d5a20ab https://github.com/the-tcpdump-group/libpcap/commit/a5a36d9e82dde7265e38fe1f87b7f11c461c29f6 https://lists.debian.org/debian-lts-announce/2019/10/msg00031.html htt • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •