CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8556 – Apple Security Advisory 2019-3-25-4
https://notcve.org/view.php?id=CVE-2019-8556
26 Mar 2019 — A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Un problema de uso de la memoria previamente liberada fue abordado con una gestión de memoria mejorada. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows vers... • https://support.apple.com/HT209599 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 19%CPEs: 9EXPL: 2CVE-2019-8506 – Apple Multiple Products Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2019-8506
26 Mar 2019 — A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de confusión de tipos mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, watchOS versión 5.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Wi... • https://packetstorm.news/files/id/152325 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 60%CPEs: 6EXPL: 1CVE-2019-8518 – WebKit JavaScriptCore - Out-Of-Bounds Access in FTL JIT due to LICM Moving Array Access Before the Bounds Check
https://notcve.org/view.php?id=CVE-2019-8518
26 Mar 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, watchOS versión 5.2, Safari versión 12.1, iTunes versión 12.9.4 para ... • https://www.exploit-db.com/exploits/46649 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 60%CPEs: 6EXPL: 1CVE-2019-8558 – WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-Free
https://notcve.org/view.php?id=CVE-2019-8558
26 Mar 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, watchOS versión 5.2, Safari versión 12.1, iTunes versión 12.9.4 p... • https://www.exploit-db.com/exploits/46650 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 10EXPL: 1CVE-2019-8906 – Slackware Security Advisory - file Updates
https://notcve.org/view.php?id=CVE-2019-8906
18 Feb 2019 — do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. do_core_note en readelf.c en libmagic.a en la versión 5.35 de file tiene una lectura fuera de límites debido a una mala utilización de memcpy. New file packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-7288 – Apple Security Advisory 2019-2-07-1
https://notcve.org/view.php?id=CVE-2019-7288
07 Feb 2019 — The issue was addressed with improved validation on the FaceTime server. This issue is fixed in macOS Mojave 10.14.3 Supplemental Update, iOS 12.1.4. A thorough security audit of the FaceTime service uncovered an issue with Live Photos . El problema se abordó con una comprobación del servidor FaceTime mejorada.  Este problema se corrigió en Supplemental Update de macOS Mojave versión 10.14.3, iOS versión 12.1.4. • https://support.apple.com/en-us/HT209520 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2019-6223 – Apple iOS and macOS Group Facetime Vulnerability
https://notcve.org/view.php?id=CVE-2019-6223
07 Feb 2019 — A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer. Existía un problema de lógica en el manejo de llamadas FaceTime grupales. • https://support.apple.com/HT209520 •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 2CVE-2019-7286 – Apple Multiple Products Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2019-7286
07 Feb 2019 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privileges. Un problema de corrupción de memoria fue abordado mejorando la comprobación de entrada. Este problema fue abordado en iOS versión 12.1.4, Actualización Complementaria macOS Mojave versión 10.14.3. • https://packetstorm.news/files/id/152735 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-7287 – Apple iOS Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2019-7287
07 Feb 2019 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges. Un problema de corrupción de memoria fue abordado mejorando la comprobación de entrada. Este problema es corregido en iOS versión 12.1.4. • https://support.apple.com/HT209520 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 29%CPEs: 9EXPL: 2CVE-2019-6215 – WebKit JSC - reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter
https://notcve.org/view.php?id=CVE-2019-6215
23 Jan 2019 — A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de confusión de tipos con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • https://packetstorm.news/files/id/151804 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •