CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-8607 – webkitgtk: Out-of-bounds read leading to memory disclosure
https://notcve.org/view.php?id=CVE-2019-8607
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory. Una lectura fuera de límites fue abordada con una comprobación de entrada mejorada. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, Safari 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8607 https://bugzilla.redhat.com/show_bug.cgi?id=1876897 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2019-8602
https://notcve.org/view.php?id=CVE-2019-8602
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges. Un problema de corrupción de memoria fue abordado eliminando el código vulnerable. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2019-8577
https://notcve.org/view.php?id=CVE-2019-8577
An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges. Un problema de comprobación de entrada fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2018-4145
https://notcve.org/view.php?id=CVE-2018-4145
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.3, tvOS 11.3, watchOS 4.3, Safari 11.1, iTunes 12.7.4 for Windows, iCloud for Windows 7.4. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12; macOS Mojave en versiones anteriores a la 11.3; tvOS en versiones anteriores a la 12; watchOS en versiones anteriores a la 11.1; iTunes para Windows en versiones anteriores a la 12.7.4 y iCloud para Windows en versiones anteriores a la 7.4. • https://support.apple.com/kb/HT208693 https://support.apple.com/kb/HT208695 https://support.apple.com/kb/HT208696 https://support.apple.com/kb/HT208697 https://support.apple.com/kb/HT208698 https://support.apple.com/kb/HT208852 https://support.apple.com/kb/HT208933 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6232
https://notcve.org/view.php?id=CVE-2019-6232
A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. Se presentó una condición de carrera durante la instalación de iTunes para Windows. • https://support.apple.com/HT209605 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •