CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8673 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8673
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS versión 12.4,... • https://support.apple.com/HT210346 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 23%CPEs: 11EXPL: 0CVE-2019-8676 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8676
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS ... • https://support.apple.com/HT210346 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8698 – Apple Security Advisory 2019-7-22-5
https://notcve.org/view.php?id=CVE-2019-8698
22 Jul 2019 — A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in iOS 12.4, tvOS 12.4. A malicious application may be able to restrict access to websites. Se presentó un problema de comprobación en la verificación de los derechos. • https://support.apple.com/HT210346 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 3%CPEs: 7EXPL: 2CVE-2019-8649 – WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads
https://notcve.org/view.php?id=CVE-2019-8649
22 Jul 2019 — A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. Se presentó un problema lógico en el manejo de cargas de páginas síncronas. • https://packetstorm.news/files/id/153763 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8681 – Apple Safari InlineBox Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8681
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS versión 12.4,... • https://support.apple.com/HT210346 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 1%CPEs: 2EXPL: 2CVE-2019-8663 – NSKeyedUnarchiver - Info Leak in Decoding SGBigUTF8String
https://notcve.org/view.php?id=CVE-2019-8663
22 Jul 2019 — This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6. A remote attacker may be able to leak memory. Este problema fue abordado con comprobaciones mejoradas. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6. • https://packetstorm.news/files/id/154040 •
CVSS: 7.5EPSS: 12%CPEs: 4EXPL: 2CVE-2019-8646 – iMessage - NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects
https://notcve.org/view.php?id=CVE-2019-8646
22 Jul 2019 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to leak memory. Una lectura fuera de límites fue abordada con una comprobación de entrada mejorada. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS versión 12.4, watchOS versión 5.3. • https://packetstorm.news/files/id/153825 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 5%CPEs: 4EXPL: 5CVE-2019-8641 – iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds
https://notcve.org/view.php?id=CVE-2019-8641
22 Jul 2019 — An out-of-bounds read was addressed with improved input validation. Una lectura fuera de límites se abordó con una validación de entrada mejorada. macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra are now available and address bypass, code execution, and use-after-free vulnerabilities. • https://packetstorm.news/files/id/155222 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 7%CPEs: 3EXPL: 2CVE-2019-8647 – iMessage - NSArray Deserialization can Invoke Subclass that does not Retain References
https://notcve.org/view.php?id=CVE-2019-8647
22 Jul 2019 — A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution. Un problema de uso de la memoria previamente liberada fue abordado con una gestión de memoria mejorada. Este problema es corregido en iOS versión 12.4, tvOS versión 12.4, watchOS 5.3. • https://packetstorm.news/files/id/153826 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 13%CPEs: 4EXPL: 2CVE-2019-8660 – iMessage - Memory Corruption when Decoding NSKnownKeysDictionary1
https://notcve.org/view.php?id=CVE-2019-8660
22 Jul 2019 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. Un problema de corrupción de memoria fue abordado mejorando la comprobación de entrada. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS versión 12.4, watchOS versión 5.3. • https://packetstorm.news/files/id/153827 • CWE-787: Out-of-bounds Write •