CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8727
https://notcve.org/view.php?id=CVE-2019-8727
A logic issue was addressed with improved state management. This issue is fixed in iOS 13. Visiting a malicious website may lead to address bar spoofing. Un problema lógico fue abordado mejorando la gestión del estado. Este problema es corregido en iOS versión 13. • https://support.apple.com/HT210606 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8760
https://notcve.org/view.php?id=CVE-2019-8760
This issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID. Este problema fue corregido mejorando los modelos de aprendizaje automático de Face ID. Este problema fue corregido en iOS versión 13. • https://support.apple.com/HT210606 • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8674 – webkitgtk: Incorrect state management leading to universal cross-site scripting
https://notcve.org/view.php?id=CVE-2019-8674
A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. Un problema lógico fue abordado mejorando la gestión del estado. Este problema es corregido en iOS versión 13, Safari versión 13. • https://security.gentoo.org/glsa/202003-22 https://support.apple.com/HT210606 https://support.apple.com/HT210608 https://access.redhat.com/security/cve/CVE-2019-8674 https://bugzilla.redhat.com/show_bug.cgi?id=1876608 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8711
https://notcve.org/view.php?id=CVE-2019-8711
A logic issue existed with the display of notification previews. This issue was addressed with improved validation. This issue is fixed in iOS 13. Notification previews may show on Bluetooth accessories even when previews are disabled. Se presentó un problema lógico con el despliegue de las vistas previas de notificaciones. • https://support.apple.com/HT210606 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8704
https://notcve.org/view.php?id=CVE-2019-8704
An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information. Un problema de autenticación fue abordado mejorando la gestión del estado. Este problema es corregido en tvOS versión 13. • https://support.apple.com/HT210604 https://support.apple.com/HT210606 • CWE-287: Improper Authentication •