CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8789
https://notcve.org/view.php?id=CVE-2019-8789
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information. Se presentó un problema de comprobación en el manejo de enlaces simbólicos. • https://support.apple.com/HT210721 https://support.apple.com/HT210722 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-8784
https://notcve.org/view.php?id=CVE-2019-8784
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 13.2 y iPadOS versión 13.2, macOS Catalina versión 10.15.1, iTunes para Windows versión 12.10.2, iCloud para Windows versión 11.0, iCloud para Windows versión 7.15. • https://support.apple.com/HT210721 https://support.apple.com/HT210722 https://support.apple.com/HT210726 https://support.apple.com/HT210727 https://support.apple.com/HT210728 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8785
https://notcve.org/view.php?id=CVE-2019-8785
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 13.2 y iPadOS versión 13.2, macOS Catalina versión 10.15.1, tvOS versión 13.2, watchOS versión 6.1. • https://support.apple.com/HT210721 https://support.apple.com/HT210722 https://support.apple.com/HT210723 https://support.apple.com/HT210724 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8788
https://notcve.org/view.php?id=CVE-2019-8788
An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration. Se presentó un problema en el análisis de las URL. • https://support.apple.com/HT210721 https://support.apple.com/HT210722 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2019-8813 – webkitgtk: Incorrect state management leading to universal cross-site scripting
https://notcve.org/view.php?id=CVE-2019-8813
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. Un problema lógico fue abordado mejorando la gestión del estado. Este problema es corregido en iOS versión 13.2 y iPadOS versión 13.2, tvOS versión 13.2, Safari versión 13.0.3, iTunes para Windows versión 12.10.2, iCloud para Windows versión 11.0. • https://security.gentoo.org/glsa/202003-22 https://support.apple.com/HT210721 https://support.apple.com/HT210723 https://support.apple.com/HT210725 https://support.apple.com/HT210726 https://support.apple.com/HT210727 https://access.redhat.com/security/cve/CVE-2019-8813 https://bugzilla.redhat.com/show_bug.cgi?id=1876553 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •