CVSS: 8.8EPSS: 3%CPEs: 7EXPL: 0CVE-2019-6217 – Apple Safari RegExp JIT Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6217
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • http://www.securityfocus.com/bid/106699 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209448 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 1%CPEs: 9EXPL: 0CVE-2018-20506
https://notcve.org/view.php?id=CVE-2018-20506
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346. En SQLite, en versiones anteriores a la 3.25.3, cuando está habilitada la extensión FTS3, hay un desbordamiento de enteros que resulta en un desbordamiento de búfer para consultas FTS3 en una operación de unión que ocurre después de que se realicen cambios manipulados en las tablas de sombras de FTS3. Esto permite que atacantes remotos ejecuten código arbitrario, explotando la posibilidad de ejecutar declaraciones SQL arbitrarias (como en ciertos casos de uso de WebSQL). Esta vulnerabilidad es diferente de CVE-2018-20346. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html http://seclists.org/fulldisclosure/2019/Jan/62 http://seclists.org/fulldisclosure/2019/Jan/64 http://seclists.org/fulldisclosure/2019/Jan/66 http://seclists.org/fulldisclosure/2019/Jan/67 http://seclists.org/fulldisclosure/2019/Jan/68 http://seclists.org/fulldisclosure/2019/Jan/69 http://www.securityfocus.com/bid/106698 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://lists.debian.o • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4185
https://notcve.org/view.php?id=CVE-2018-4185
In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. En iOS en versiones anteriores a la 11.3, tvOS en versiones anteriores a la 11.3, watchOS en versiones anteriores a la 4.3 y macOS en versiones anteriores a High Sierra 10.13.4, existía un problema de divulgación de información en la transición del estado del programa. Este problema se abordó mediante la mejora del manejo de los estados. • https://support.apple.com/HT208692 https://support.apple.com/HT208693 https://support.apple.com/HT208696 https://support.apple.com/HT208698 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-4436
https://notcve.org/view.php?id=CVE-2018-4436
A certificate validation issue existed in configuration profiles. This was addressed with additional checks. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2. Existía un problema de validación de certificados en los perfiles de configuración. El problema se abordó con comprobaciones adicionales. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 • CWE-295: Improper Certificate Validation •
CVSS: 8.8EPSS: 82%CPEs: 7EXPL: 1CVE-2018-4443 – WebKit JSC - 'AbstractValue::set' Use-After-Free
https://notcve.org/view.php?id=CVE-2018-4443
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1.1, tvOS en versiones anteriores a la 12.1.1, watchOS en versiones anteriores a la 5.1.2, Safari en versiones anteriores a la 12.0.2, iTunes en versiones anteriores a la 12.9.2 y iCloud para Windows en versiones anteriores a la 7.9. WebKit JSC suffers from a use-after-free vulnerability that can be used to bypass write barriers. • https://www.exploit-db.com/exploits/46071 https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 https://support.apple.com/kb/HT209344 https://support.apple.com/kb/HT209345 https://support.apple.com/kb/HT209346 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •