CVSS: 8.8EPSS: 3%CPEs: 7EXPL: 0CVE-2019-6216 – Apple Safari Global RegExp JIT Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6216
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • http://www.securityfocus.com/bid/106699 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209448 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-4147
https://notcve.org/view.php?id=CVE-2018-4147
In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling. En iCloud para Windows en versiones anteriores a la 7.3, Safari en versiones anteriores a la 11.0.3, iTunes en versiones anteriores a la 12.7.3 para Windows e iOS en versiones anteriores a la 11.2.5, existen múltiples corrupciones de memoria y fueron abordadas mediante la mejora de la gestión de memoria. • https://support.apple.com/HT208463 https://support.apple.com/HT208465 https://support.apple.com/HT208473 https://support.apple.com/HT208474 https://support.apple.com/HT208475 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4298
https://notcve.org/view.php?id=CVE-2018-4298
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a permissions issue existed in Remote Management. This issue was addressed through improved permission validation. En macOS High Sierra en versiones anteriores a la 10.13.3, la actualización de seguridad (Security Update) 2018-001 Sierra y el Security Update 2018-001 El Capitan, existía un problema de permisos en la gestión remota. Este problema se abordó mediante la mejora de la validación de permisos. • https://support.apple.com/HT208465 https://support.apple.com/HT208692%2C •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2411
https://notcve.org/view.php?id=CVE-2017-2411
In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates. En iOS en versiones anteriores a la 11.2, los tipos de cambio se recuperaron de HTTP en lugar de HTTPS. Esto se abordó habilitando HTTPS para los tipos de cambio. • https://support.apple.com/HT208334 • CWE-254: 7PK - Security Features •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-4194
https://notcve.org/view.php?id=CVE-2018-4194
In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. En iOS en versiones anteriores a la 11.4, iCloud para Windows en versiones anteriores a la 7.5, watchOS en versiones anteriores a la 4.3.1, iTunes en versiones anteriores a la 12.7.5 para Windows y macOS High Sierra en versiones anteriores a la 10.13.5, se abordó una lectura fuera de límites con la mejora de la validación de entradas. • https://support.apple.com/HT208848 https://support.apple.com/HT208849 https://support.apple.com/HT208851 https://support.apple.com/HT208852 https://support.apple.com/HT208853 • CWE-125: Out-of-bounds Read •