CVSS: 8.8EPSS: 24%CPEs: 8EXPL: 2CVE-2019-8820 – JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects
https://notcve.org/view.php?id=CVE-2019-8820
01 Nov 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 13.2 y iPadOS versión 13.2, tvOS versión 13.2,... • https://packetstorm.news/files/id/155112 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-8763 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8763
08 Oct 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 13.1 y iPadOS versión 13.1, tvOS versión 13, Safari versión 1... • https://security.gentoo.org/glsa/202003-22 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8769 – webkitgtk: Websites could reveal browsing history
https://notcve.org/view.php?id=CVE-2019-8769
08 Oct 2019 — An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. Se presentó un problema en el dibujado de los elementos de una página web. • https://security.gentoo.org/glsa/202003-22 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8779 – Apple Security Advisory 2019-9-27-1
https://notcve.org/view.php?id=CVE-2019-8779
29 Sep 2019 — A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions. Un problema lógico aplicó las restricciones incorrectas. • https://support.apple.com/HT210624 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 2.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8775 – Apple Security Advisory 2019-10-29-11
https://notcve.org/view.php?id=CVE-2019-8775
29 Sep 2019 — The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen. El problema fue abordado restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema es corregido en iOS versión 13.1 y iPadOS versión 13.1. • https://support.apple.com/HT210603 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8727 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8727
27 Sep 2019 — A logic issue was addressed with improved state management. This issue is fixed in iOS 13. Visiting a malicious website may lead to address bar spoofing. Un problema lógico fue abordado mejorando la gestión del estado. Este problema es corregido en iOS versión 13. • https://support.apple.com/HT210606 •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8742 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8742
27 Sep 2019 — The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen. El problema fue abordado restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema es corregido en iOS versión 13. • https://support.apple.com/HT210606 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8711 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8711
27 Sep 2019 — A logic issue existed with the display of notification previews. This issue was addressed with improved validation. This issue is fixed in iOS 13. Notification previews may show on Bluetooth accessories even when previews are disabled. Se presentó un problema lógico con el despliegue de las vistas previas de notificaciones. • https://support.apple.com/HT210606 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8674 – webkitgtk: Incorrect state management leading to universal cross-site scripting
https://notcve.org/view.php?id=CVE-2019-8674
27 Sep 2019 — A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. Un problema lógico fue abordado mejorando la gestión del estado. Este problema es corregido en iOS versión 13, Safari versión 13. • https://security.gentoo.org/glsa/202003-22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8731 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8731
27 Sep 2019 — A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue is fixed in iOS 13. Processing a maliciously crafted file may disclose user information. Se presentó un problema de permisos donde el permiso de ejecución fue concedido incorrectamente. • https://support.apple.com/HT210606 • CWE-276: Incorrect Default Permissions •