CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2019-15165 – libpcap: Resource exhaustion during PHB header length validation
https://notcve.org/view.php?id=CVE-2019-15165
03 Oct 2019 — sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. En el archivo sf-pcapng.c en libpcap versiones anteriores a 1.9.1, no comprueba apropiadamente la longitud del encabezado PHB antes de asignar la memoria. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The compliance-operator image updates are now available for OpenShift Container Platf... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00051.html • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8779 – Apple Security Advisory 2019-9-27-1
https://notcve.org/view.php?id=CVE-2019-8779
29 Sep 2019 — A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions. Un problema lógico aplicó las restricciones incorrectas. • https://support.apple.com/HT210624 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 2.4EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8775 – Apple Security Advisory 2019-10-29-11
https://notcve.org/view.php?id=CVE-2019-8775
29 Sep 2019 — The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen. El problema fue abordado restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema es corregido en iOS versión 13.1 y iPadOS versión 13.1. • https://support.apple.com/HT210603 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8711 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8711
27 Sep 2019 — A logic issue existed with the display of notification previews. This issue was addressed with improved validation. This issue is fixed in iOS 13. Notification previews may show on Bluetooth accessories even when previews are disabled. Se presentó un problema lógico con el despliegue de las vistas previas de notificaciones. • https://support.apple.com/HT210606 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8731 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8731
27 Sep 2019 — A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue is fixed in iOS 13. Processing a maliciously crafted file may disclose user information. Se presentó un problema de permisos donde el permiso de ejecución fue concedido incorrectamente. • https://support.apple.com/HT210606 • CWE-276: Incorrect Default Permissions •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8704 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8704
27 Sep 2019 — An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information. Un problema de autenticación fue abordado mejorando la gestión del estado. Este problema es corregido en tvOS versión 13. • https://support.apple.com/HT210604 • CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8760 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8760
27 Sep 2019 — This issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID. Este problema fue corregido mejorando los modelos de aprendizaje automático de Face ID. Este problema fue corregido en iOS versión 13. • https://support.apple.com/HT210606 • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8727 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8727
27 Sep 2019 — A logic issue was addressed with improved state management. This issue is fixed in iOS 13. Visiting a malicious website may lead to address bar spoofing. Un problema lógico fue abordado mejorando la gestión del estado. Este problema es corregido en iOS versión 13. • https://support.apple.com/HT210606 •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8742 – Apple Security Advisory 2019-9-26-3
https://notcve.org/view.php?id=CVE-2019-8742
27 Sep 2019 — The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen. El problema fue abordado restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema es corregido en iOS versión 13. • https://support.apple.com/HT210606 •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8674 – webkitgtk: Incorrect state management leading to universal cross-site scripting
https://notcve.org/view.php?id=CVE-2019-8674
27 Sep 2019 — A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. Un problema lógico fue abordado mejorando la gestión del estado. Este problema es corregido en iOS versión 13, Safari versión 13. • https://security.gentoo.org/glsa/202003-22 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •