CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 2CVE-2019-7286 – Apple Multiple Products Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2019-7286
07 Feb 2019 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privileges. Un problema de corrupción de memoria fue abordado mejorando la comprobación de entrada. Este problema fue abordado en iOS versión 12.1.4, Actualización Complementaria macOS Mojave versión 10.14.3. • https://packetstorm.news/files/id/152735 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2019-6223 – Apple iOS and macOS Group Facetime Vulnerability
https://notcve.org/view.php?id=CVE-2019-6223
07 Feb 2019 — A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer. Existía un problema de lógica en el manejo de llamadas FaceTime grupales. • https://support.apple.com/HT209520 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-7287 – Apple iOS Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2019-7287
07 Feb 2019 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges. Un problema de corrupción de memoria fue abordado mejorando la comprobación de entrada. Este problema es corregido en iOS versión 12.1.4. • https://support.apple.com/HT209520 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 12%CPEs: 7EXPL: 1CVE-2018-20505 – Apple Security Advisory 2019-1-22-3
https://notcve.org/view.php?id=CVE-2018-20505
23 Jan 2019 — SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). SQLite 3.25.2, cuando se ejecutan consultas en una tabla con una CLAVE PRIMARIA mal formada, permite que los atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación), explotando la posibilidad de ejecutar declaraciones SQL arbitra... • http://seclists.org/fulldisclosure/2019/Jan/62 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-6211 – Apple Safari RTCPeerConnection Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6211
23 Jan 2019 — A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con la mejora de la gestión de estados. Este problema se ha resuelto en iOS 12.1.3 y macOS Mojave 10.14.3. • https://support.apple.com/HT209443 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-6231 – Apple Security Advisory 2019-1-22-3
https://notcve.org/view.php?id=CVE-2019-6231
23 Jan 2019 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to read restricted memory. Se abordó una lectura fuera de límites con la mejora de la comprobación de límites. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2 y watchOS 5.1.3. • http://www.securityfocus.com/bid/106739 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 5CVE-2019-6225 – iOS/macOS - 'task_swap_mach_voucher()' Use-After-Free
https://notcve.org/view.php?id=CVE-2019-6225
23 Jan 2019 — A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges. Se abordó un problema de corrupción de memoria con la mejora de la validación. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y tvOS 12.1.2. • https://packetstorm.news/files/id/151331 • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-6229 – Gentoo Linux Security Advisory 201903-12
https://notcve.org/view.php?id=CVE-2019-6229
23 Jan 2019 — A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting. Se abordó un problema de lógica con la mejora de la validación. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • http://www.securityfocus.com/bid/106691 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-6221 – Apple iOS mediaserverd crte Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-6221
23 Jan 2019 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges. Se abordó una lectura fuera de límites con la mejora de la comprobación de límites. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y iTunes 12.9.3 para Windows. • http://www.securityfocus.com/bid/106694 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-6202 – Apple iOS mediaserverd cypc Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-6202
23 Jan 2019 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate privileges. Se abordó una lectura fuera de límites con la mejora de la comprobación de límites. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y watchOS 5.1.3. • http://www.securityfocus.com/bid/106697 • CWE-125: Out-of-bounds Read •