CVSS: 8.8EPSS: 7%CPEs: 7EXPL: 1CVE-2019-8622 – Apple macOS < 10.14.5 / iOS < 12.3 DFG JIT Compiler - 'HasIndexedProperty' Use-After-Free
https://notcve.org/view.php?id=CVE-2019-8622
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, Safari 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://www.exploit-db.com/exploits/46888 https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8622 https://bugzilla.redhat.com/show_bug.cgi?id=1877048 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 6%CPEs: 3EXPL: 1CVE-2019-8613 – Visual Voicemail for iPhone - IMAP NAMESPACE Processing Use-After-Free
https://notcve.org/view.php?id=CVE-2019-8613
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause arbitrary code execution. Un problema de uso de la memoria previamente liberada fue abordado con una gestión de memoria mejorada. Este problema es corregido en iOS versión 12.3, tvOS versión 12.3, watchOS versión 5.2.1. • https://www.exploit-db.com/exploits/46913 https://support.apple.com/HT210118 https://support.apple.com/HT210120 https://support.apple.com/HT210122 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8620
https://notcve.org/view.php?id=CVE-2019-8620
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by its WiFi MAC address. Un problema de privacidad del usuario fue abordado eliminando la dirección MAC de transmisión. Este problema es corregido en iOS versión 12.3, tvOS versión 12.3, watchOS versión 5.2.1. • https://support.apple.com/HT210118 https://support.apple.com/HT210120 https://support.apple.com/HT210122 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 7%CPEs: 8EXPL: 1CVE-2019-8623 – Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized
https://notcve.org/view.php?id=CVE-2019-8623
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, Safari 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://www.exploit-db.com/exploits/46889 https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8623 https://bugzilla.redhat.com/show_bug.cgi?id=1877049 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-8592 – Apple macOS AudioCodecs Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8592
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, tvOS 12.3, watchOS 5.2.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, iOS 13. Playing a malicious audio file may lead to arbitrary code execution. Se abordó un problema de corrupción de la memoria con una comprobación de entrada mejorada. Este problema se corrigió en macOS Catalina versión 10.15, tvOS versión 12.3, watchOS versión 5.2.1, tvOS versión 13, macOS Catalina versión 10.15.1, Security Update 2019-001 y Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS versión 12.3, iOS versión 13. • https://support.apple.com/en-us/HT210118 https://support.apple.com/en-us/HT210119 https://support.apple.com/en-us/HT210120 https://support.apple.com/en-us/HT210122 https://support.apple.com/en-us/HT210604 https://support.apple.com/en-us/HT210606 https://support.apple.com/en-us/HT210634 https://support.apple.com/en-us/HT210722 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •