CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8512 – Apple Security Advisory 2019-3-25-1
https://notcve.org/view.php?id=CVE-2019-8512
26 Mar 2019 — This issue was addressed with improved transparency. This issue is fixed in iOS 12.2. A user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure. Este problema se abordó con mayor transparencia. Este problema es corregido en iOS versión 12.2. • https://support.apple.com/HT209599 • CWE-863: Incorrect Authorization •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8541 – Apple Security Advisory 2019-3-27-1
https://notcve.org/view.php?id=CVE-2019-8541
26 Mar 2019 — A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may be able to track users between installs. Se presentó un problema de privacidad en la calibración del sensor de movimiento. • https://support.apple.com/HT209599 •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8521 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8521
26 Mar 2019 — This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to overwrite arbitrary files. Este problema fue abordado con comprobaciones mejoradas. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4. • https://support.apple.com/HT209599 •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0CVE-2019-8524 – Apple Safari GraphicsContext Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8524
26 Mar 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows v... • https://support.apple.com/HT209599 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-8510 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8510
26 Mar 2019 — An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. Se presentó un problema de lectura fuera de límites que condujo a la divulgación de la memoria del kernel. • https://support.apple.com/HT209599 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 0CVE-2019-8550 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8550
26 Mar 2019 — An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing. Hubo un problema en la pausa del video FaceTime. • https://support.apple.com/HT209599 • CWE-459: Incomplete Cleanup •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2019-8545 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8545
26 Mar 2019 — A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory. Un problema de corrupción de memoria fue abordado mejorando la administración del estado. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2, watchOS versión 5.2. • https://support.apple.com/HT209599 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-6237 – Apple Safari createRenderers Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6237
26 Mar 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, Safari versión 12.1.1, iTune... • https://support.apple.com/HT210118 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-8542 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8542
26 Mar 2019 — A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges. Un desbordamiento del búfer fue abordado mejorando la comprobación de límites. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2, watchOS versión 5.2, iTunes versión 12.9.4 para Windows, iCloud para Windows versió... • https://support.apple.com/HT209599 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8551 – webkitgtk: malicious web content leads to cross site scripting
https://notcve.org/view.php?id=CVE-2019-8551
26 Mar 2019 — A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. Un problema lógico fue abordado con una comprobación mejorada. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows versión 7.11. • https://support.apple.com/HT209599 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •