CVSS: 8.1EPSS: 1%CPEs: 371EXPL: 1CVE-2019-9506 – Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation
https://notcve.org/view.php?id=CVE-2019-9506
14 Aug 2019 — The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. La especificación de Bluetooth BR/EDR incluyendo versión 5.1, permite una longitud de clave de cifrado suficientemente baja y no impide que un atacante influya en la negociación d... • https://github.com/francozappa/knob • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8582 – Apple macOS CoreText Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8582
24 Jul 2019 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may result in the disclosure of process memory. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema se corrigió en iCloud para Windows versión 7.12, tvOS versión 12.3, iT... • https://support.apple.com/en-us/HT210118 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8677 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8677
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS versión 12.4,... • https://support.apple.com/HT210346 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8673 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8673
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS versión 12.4,... • https://support.apple.com/HT210346 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 23%CPEs: 11EXPL: 0CVE-2019-8676 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8676
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS ... • https://support.apple.com/HT210346 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8698 – Apple Security Advisory 2019-7-22-5
https://notcve.org/view.php?id=CVE-2019-8698
22 Jul 2019 — A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in iOS 12.4, tvOS 12.4. A malicious application may be able to restrict access to websites. Se presentó un problema de comprobación en la verificación de los derechos. • https://support.apple.com/HT210346 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 3%CPEs: 7EXPL: 2CVE-2019-8649 – WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads
https://notcve.org/view.php?id=CVE-2019-8649
22 Jul 2019 — A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. Se presentó un problema lógico en el manejo de cargas de páginas síncronas. • https://packetstorm.news/files/id/153763 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8681 – Apple Safari InlineBox Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8681
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS versión 12.4,... • https://support.apple.com/HT210346 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-8683 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8683
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS ... • https://support.apple.com/HT210346 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8644 – Apple Safari CSSFontFace Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8644
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS versión 12.4,... • https://support.apple.com/HT210346 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •