Page 185 of 1385 results (0.019 seconds)

CVSS: 8.8EPSS: 46%CPEs: 9EXPL: 1

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de confusión de tipos con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • https://www.exploit-db.com/exploits/46448 http://www.securityfocus.com/bid/106691 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 https://usn.ubuntu.com/3889-1 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout. Existió un problema de lectura fuera de límites que conducía a la divulgación de la memoria del kernel. • https://www.exploit-db.com/exploits/46285 http://www.securityfocus.com/bid/106739 https://support.apple.com/HT209443 https://support.apple.com/HT209446 https://support.apple.com/HT209447 https://support.apple.com/HT209448 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • http://www.securityfocus.com/bid/106696 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209448 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 • CWE-787: Out-of-bounds Write •

CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox. Se abordó un problema de inicialización de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2 y watchOS 5.1.3. • http://www.securityfocus.com/bid/106739 https://support.apple.com/HT209443 https://support.apple.com/HT209446 https://support.apple.com/HT209447 https://support.apple.com/HT209448 • CWE-665: Improper Initialization •

CVSS: 7.5EPSS: 2%CPEs: 7EXPL: 1

SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). SQLite 3.25.2, cuando se ejecutan consultas en una tabla con una CLAVE PRIMARIA mal formada, permite que los atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación), explotando la posibilidad de ejecutar declaraciones SQL arbitrarias (como en ciertos casos de uso de WebSQL). • http://seclists.org/fulldisclosure/2019/Jan/62 http://seclists.org/fulldisclosure/2019/Jan/64 http://seclists.org/fulldisclosure/2019/Jan/66 http://seclists.org/fulldisclosure/2019/Jan/67 http://seclists.org/fulldisclosure/2019/Jan/68 http://seclists.org/fulldisclosure/2019/Jan/69 http://www.securityfocus.com/bid/106698 https://seclists.org/bugtraq/2019/Jan/28 https://seclists.org/bugtraq/2019/Jan/29 https://seclists.org/bugtraq/2019/Jan/31 https://seclists.org&#x • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •