CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-8510 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8510
26 Mar 2019 — An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. Se presentó un problema de lectura fuera de límites que condujo a la divulgación de la memoria del kernel. • https://support.apple.com/HT209599 • CWE-125: Out-of-bounds Read •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8530 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8530
26 Mar 2019 — This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. A malicious application may be able to overwrite arbitrary files. Este problema fue abordado con comprobaciones mejoradas. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2. • https://support.apple.com/HT209599 •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-6237 – Apple Safari createRenderers Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6237
26 Mar 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, Safari versión 12.1.1, iTune... • https://support.apple.com/HT210118 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 5%CPEs: 4EXPL: 2CVE-2019-8514 – iOS < 12.2 / macOS < 10.14.4 XNU - pidversion Increment During execve is Unsafe
https://notcve.org/view.php?id=CVE-2019-8514
26 Mar 2019 — A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges. Un problema lógico fue abordado mejorando la gestión del estado. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2, watchOS versión 5.2. • https://packetstorm.news/files/id/152326 •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8521 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8521
26 Mar 2019 — This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to overwrite arbitrary files. Este problema fue abordado con comprobaciones mejoradas. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4. • https://support.apple.com/HT209599 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8566 – Apple Security Advisory 2019-3-25-1
https://notcve.org/view.php?id=CVE-2019-8566
26 Mar 2019 — An API issue existed in the handling of microphone data. This issue was addressed with improved validation. This issue is fixed in iOS 12.2. A malicious application may be able to access the microphone without indication to the user. Se presentó un problema de la API en el manejo de los datos del micrófono. • https://support.apple.com/HT209599 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2019-8502 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8502
26 Mar 2019 — An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization. Se presentó un problema de API en el manejo de las peticiones de dictado. • https://support.apple.com/HT209599 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8511 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8511
26 Mar 2019 — A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges. Se solucionó un problema de desbordamiento del búfer mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, watchOS versión 5.2. • https://support.apple.com/HT209599 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 43%CPEs: 6EXPL: 1CVE-2019-8518 – WebKit JavaScriptCore - Out-Of-Bounds Access in FTL JIT due to LICM Moving Array Access Before the Bounds Check
https://notcve.org/view.php?id=CVE-2019-8518
26 Mar 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, watchOS versión 5.2, Safari versión 12.1, iTunes versión 12.9.4 para ... • https://www.exploit-db.com/exploits/46649 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 1CVE-2019-8540 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8540
26 Mar 2019 — A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. Un problema de inicialización de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2, watchOS versión 5.2. • https://github.com/maldiohead/CVE-2019-8540 • CWE-665: Improper Initialization •