Page 169 of 1419 results (0.015 seconds)

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2019-8734

https://notcve.org/view.php?id=CVE-2019-8734

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó múltiples problemas de corrupción de la memoria con un manejo de la memoria mejorada. Este problema se corrigió en iOS versión 13, iCloud para Windows versión 7.14, iCloud para Windows versión 10.7, Safari versión 13, tvOS versión 13, watchOS versión 6, iTunes versión 12.10.1 para Windows. • https://support.apple.com/en-us/HT210604 https://support.apple.com/en-us/HT210606 https://support.apple.com/en-us/HT210607 https://support.apple.com/en-us/HT210608 https://support.apple.com/en-us/HT210635 https://support.apple.com/en-us/HT210636 https://support.apple.com/en-us/HT210637 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2019-8728

https://notcve.org/view.php?id=CVE-2019-8728

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó múltiples problemas de corrupción de la memoria con un manejo de la memoria mejorada. Este problema se corrigió en iOS versión 13, iCloud para Windows versión 7.14, iCloud para Windows versión 10.7, Safari versión 13, tvOS versión 13, watchOS versión 6, iTunes versión 12.10.1 para Windows. • https://support.apple.com/en-us/HT210604 https://support.apple.com/en-us/HT210606 https://support.apple.com/en-us/HT210607 https://support.apple.com/en-us/HT210608 https://support.apple.com/en-us/HT210635 https://support.apple.com/en-us/HT210636 https://support.apple.com/en-us/HT210637 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 45%CPEs: 1EXPL: 1

CVE-2019-8765 – JavaScriptCore - GetterSetter Type Confusion During DFG Compilation

https://notcve.org/view.php?id=CVE-2019-8765

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en watchOS versión 6.1. • https://www.exploit-db.com/exploits/47565 https://security.gentoo.org/glsa/202003-22 https://support.apple.com/HT210724 https://access.redhat.com/security/cve/CVE-2019-8765 https://bugzilla.redhat.com/show_bug.cgi?id=1876542 • CWE-787: Out-of-bounds Write •

CVSS: 2.4EPSS: 0%CPEs: 3EXPL: 0

CVE-2019-8775

https://notcve.org/view.php?id=CVE-2019-8775

The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen. El problema fue abordado restringiendo las opciones ofrecidas en un dispositivo bloqueado. Este problema es corregido en iOS versión 13.1 y iPadOS versión 13.1. • https://support.apple.com/HT210603 https://support.apple.com/HT210724 •

CVSS: 8.1EPSS: 0%CPEs: 371EXPL: 0

CVE-2019-9506 – Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation

https://notcve.org/view.php?id=CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. La especificación de Bluetooth BR/EDR incluyendo versión 5.1, permite una longitud de clave de cifrado suficientemente baja y no impide que un atacante influya en la negociación de longitud de clave. Esto permite ataques prácticos de fuerza bruta (también se conoce como "KNOB") que pueden descifrar el tráfico e inyectar texto cifrado arbitrario sin que la víctima se dé cuenta. A flaw was discovered in the Bluetooth protocol. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html http://seclists.org/fulldisclosure/2019/Aug/11 http://seclists.org/fulldisclosure/2019/Aug/13 http://seclists.org/fulldisclosure/2019/Aug/14 http://seclists.org/fulldisclosure/2019/Aug/15 http://www.cs.ox.ac.uk/publications/publication12404-abstract.html http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en https: • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •