CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6232 – Apple Security Advisory 2019-3-25-6
https://notcve.org/view.php?id=CVE-2019-6232
26 Mar 2019 — A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. Se presentó una condición de carrera durante la instalación de iTunes para Windows. • https://support.apple.com/HT209605 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6236 – Apple Security Advisory 2019-3-25-6
https://notcve.org/view.php?id=CVE-2019-6236
26 Mar 2019 — A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution. Se presentó una condición de carrera durante la instalación de iCloud para Windows. • https://support.apple.com/HT209605 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-6237 – Apple Safari createRenderers Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6237
26 Mar 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, Safari versión 12.1.1, iTune... • https://support.apple.com/HT210118 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8503 – Apple Security Advisory 2019-3-25-4
https://notcve.org/view.php?id=CVE-2019-8503
26 Mar 2019 — A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website. Un problema lógico fue abordado con una comprobación mejorada. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows versión 7.11. • https://support.apple.com/HT209599 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 16%CPEs: 9EXPL: 2CVE-2019-8506 – Apple Multiple Products Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2019-8506
26 Mar 2019 — A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Se solucionó un problema de confusión de tipos mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, watchOS versión 5.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Wi... • https://packetstorm.news/files/id/152325 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8515 – Apple Security Advisory 2019-3-25-4
https://notcve.org/view.php?id=CVE-2019-8515
26 Mar 2019 — A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information. Se presentó un problema de origen cruzado con la API fetch. • https://support.apple.com/HT209599 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 42%CPEs: 6EXPL: 1CVE-2019-8518 – WebKit JavaScriptCore - Out-Of-Bounds Access in FTL JIT due to LICM Moving Array Access Before the Bounds Check
https://notcve.org/view.php?id=CVE-2019-8518
26 Mar 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, watchOS versión 5.2, Safari versión 12.1, iTunes versión 12.9.4 para ... • https://www.exploit-db.com/exploits/46649 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 5EXPL: 0CVE-2019-8523 – webkitgtk: malicious web content leads to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8523
26 Mar 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows v... • https://support.apple.com/HT209599 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8524 – Apple Safari GraphicsContext Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8524
26 Mar 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows v... • https://support.apple.com/HT209599 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 2%CPEs: 8EXPL: 0CVE-2019-8535 – webkitgtk: malicious crafted web content leads to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8535
26 Mar 2019 — A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Un problema de corrupción de memoria fue abordado mejorando la administración del estado. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows versión 7.11. • https://support.apple.com/HT209599 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •