CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2019-8813 – webkitgtk: Incorrect state management leading to universal cross-site scripting
https://notcve.org/view.php?id=CVE-2019-8813
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. Un problema lógico fue abordado mejorando la gestión del estado. Este problema es corregido en iOS versión 13.2 y iPadOS versión 13.2, tvOS versión 13.2, Safari versión 13.0.3, iTunes para Windows versión 12.10.2, iCloud para Windows versión 11.0. • https://security.gentoo.org/glsa/202003-22 https://support.apple.com/HT210721 https://support.apple.com/HT210723 https://support.apple.com/HT210725 https://support.apple.com/HT210726 https://support.apple.com/HT210727 https://access.redhat.com/security/cve/CVE-2019-8813 https://bugzilla.redhat.com/show_bug.cgi?id=1876553 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8786
https://notcve.org/view.php?id=CVE-2019-8786
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 13.2 y iPadOS versión 13.2, macOS Catalina versión 10.15.1, tvOS versión 13.2, watchOS versión 6.1. • https://support.apple.com/HT210721 https://support.apple.com/HT210722 https://support.apple.com/HT210723 https://support.apple.com/HT210724 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 2%CPEs: 7EXPL: 0CVE-2019-8822 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8822
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 13.2 y iPadOS versión 13.2, tvOS versión 13.2, Safari versión 13.0.3, iTunes para Windows versión 12.10.2, iCloud para Windows versión 11.0, iCloud para Windows versión 7.15. • https://security.gentoo.org/glsa/202003-22 https://support.apple.com/HT210721 https://support.apple.com/HT210723 https://support.apple.com/HT210725 https://support.apple.com/HT210726 https://support.apple.com/HT210727 https://support.apple.com/HT210728 https://access.redhat.com/security/cve/CVE-2019-8822 https://bugzilla.redhat.com/show_bug.cgi?id=1876593 • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8803
https://notcve.org/view.php?id=CVE-2019-8803
An authentication issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A local attacker may be able to login to the account of a previously logged in user without valid credentials.. Un problema de autenticación fue abordado con una gestión de estado mejorada. Este problema es corregido en iOS versión 13.2 y iPadOS versión 13.2, macOS Catalina versión 10.15.1, tvOS versión 13.2, watchOS versión 6.1. • https://support.apple.com/HT210721 https://support.apple.com/HT210722 https://support.apple.com/HT210723 https://support.apple.com/HT210724 • CWE-613: Insufficient Session Expiration •
CVSS: 5.7EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8804
https://notcve.org/view.php?id=CVE-2019-8804
An inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup. Una inconsistencia fue abordada en los ajustes de configuración de la red Wi-Fi. Este problema es corregido en iOS versión 13.2 y iPadOS versión 13.2. • https://support.apple.com/HT210721 • CWE-287: Improper Authentication •