CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6206 – Apple Security Advisory 2019-1-22-1
https://notcve.org/view.php?id=CVE-2019-6206
23 Jan 2019 — An issue existed with autofill resuming after it was canceled. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.3. Password autofill may fill in passwords after they were manually cleared. Existía un fallo con el autorelleno que se reanudaba después de su cancelación. • http://www.securityfocus.com/bid/106687 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 5%CPEs: 3EXPL: 2CVE-2019-6218 – macOS < 10.14.3 / iOS < 12.1.3 - Arbitrary mach Port Name Deallocation in XPC Services due to Invalid mach Message Parsing in _xpc_serializer_unpack
https://notcve.org/view.php?id=CVE-2019-6218
23 Jan 2019 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con la mejora de la validación de entradas. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y tvOS 12.1.2. • https://packetstorm.news/files/id/151438 • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-6229 – Gentoo Linux Security Advisory 201903-12
https://notcve.org/view.php?id=CVE-2019-6229
23 Jan 2019 — A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting. Se abordó un problema de lógica con la mejora de la validación. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • http://www.securityfocus.com/bid/106691 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-6200 – Apple Security Advisory 2019-1-22-1
https://notcve.org/view.php?id=CVE-2019-6200
23 Jan 2019 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. An attacker in a privileged network position may be able to execute arbitrary code. Se abordó una lectura fuera de límites con la mejora de la validación de entradas. Este problema se ha resuelto en iOS 12.1.3 y macOS Mojave 10.14.3. • http://www.securityfocus.com/bid/106694 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2019-6235 – Apple Security Advisory 2019-1-22-3
https://notcve.org/view.php?id=CVE-2019-6235
23 Jan 2019 — A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions. Un problema de corrupción de memoria se abordó con una validación mejorada. Este problema se soluciona en iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2 y en watchOS 5.1.2 y iTunes 12.9.3 para Windows. • http://www.securityfocus.com/bid/106724 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-6226 – Apple Security Advisory 2019-1-22-3
https://notcve.org/view.php?id=CVE-2019-6226
23 Jan 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud ... • http://www.securityfocus.com/bid/106696 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-6216 – Apple Safari Global RegExp JIT Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6216
23 Jan 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud ... • http://www.securityfocus.com/bid/106699 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 9%CPEs: 3EXPL: 3CVE-2019-6205 – macOS < 10.14.3 / iOS < 12.1.3 XNU - 'vm_map_copy' Optimization which Requires Atomicity isn't Atomic
https://notcve.org/view.php?id=CVE-2019-6205
23 Jan 2019 — A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes. Se abordó un problema de corrupción de memoria con la mejora de la comprobación del estado de bloqueo. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y tvOS 12.1.2. • https://packetstorm.news/files/id/156051 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-6202 – Apple iOS mediaserverd cypc Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-6202
23 Jan 2019 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate privileges. Se abordó una lectura fuera de límites con la mejora de la comprobación de límites. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y watchOS 5.1.3. • http://www.securityfocus.com/bid/106697 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 37%CPEs: 4EXPL: 2CVE-2019-6224 – FaceTime - Texture Processing Memory Corruption
https://notcve.org/view.php?id=CVE-2019-6224
23 Jan 2019 — A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution. Se abordó un problema de desbordamiento de búfer con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2 y watchOS 5.1.3. • https://packetstorm.news/files/id/151772 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •