CVSS: 9.3EPSS: 15%CPEs: 3EXPL: 1CVE-2020-9992 – Apple Security Advisory 2020-11-13-3
https://notcve.org/view.php?id=CVE-2020-9992
18 Sep 2020 — This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able to execute arbitrary code on a paired device during a debug session over the network. Este problema es corregido cifrando las comunicaciones a través de la red para los dispositivos que ejecutan iOS versión 14, iPadOS versión 14, tvOS versión 14 y watchOS versi... • https://github.com/c0ntextomy/c0ntextomy •
CVSS: 5.3EPSS: 65%CPEs: 5EXPL: 4CVE-2019-20372 – nginx: HTTP request smuggling in configurations with URL redirect used as error_page
https://notcve.org/view.php?id=CVE-2019-20372
09 Jan 2020 — NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. NGINX versiones anteriores a 1.17.7, con ciertas configuraciones de error_page, permite el trafico no autorizado de peticiones HTTP, como es demostrado por la capacidad de un atacante para leer páginas web no autorizadas en entornos donde NGINX está al frente de un equilibrador... • https://github.com/0xleft/CVE-2019-20372 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2019-8840 – Apple Security Advisory 2019-12-10-7
https://notcve.org/view.php?id=CVE-2019-8840
11 Dec 2019 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema se corrigió en Xcode versión 11.3. • https://support.apple.com/en-us/HT210796 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8800 – Apple Security Advisory 2019-11-01-1
https://notcve.org/view.php?id=CVE-2019-8800
04 Nov 2019 — A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution. Un problema de corrupción de memoria fue abordado con una comprobación mejorada. Este problema es corregido en Xcode versión 11.2. • https://support.apple.com/HT210729 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8806 – Apple Security Advisory 2019-11-01-1
https://notcve.org/view.php?id=CVE-2019-8806
04 Nov 2019 — A memory corruption issue was addressed with improved validation. This issue is fixed in Xcode 11.2. Processing a maliciously crafted file may lead to arbitrary code execution. Un problema de corrupción de memoria fue abordado con una comprobación mejorada. Este problema es corregido en Xcode 11.2. • https://support.apple.com/HT210729 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8721 – Apple Security Advisory 2019-9-26-7
https://notcve.org/view.php?id=CVE-2019-8721
29 Sep 2019 — Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Varios problemas en ld64 en las cadenas de herramientas Xcode fueron abordados mediante la actualización de la versión ld64-507.4. Este problema es corregido en Xcode versión 11.0. • https://support.apple.com/HT210609 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8722 – Apple Security Advisory 2019-9-26-7
https://notcve.org/view.php?id=CVE-2019-8722
29 Sep 2019 — Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Varios problemas en ld64 en las cadenas de herramientas Xcode fueron abordados mediante la actualización de la versión ld64-507.4. Este problema es corregido en Xcode versión 11.0. • https://support.apple.com/HT210609 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8723 – Apple Security Advisory 2019-9-26-7
https://notcve.org/view.php?id=CVE-2019-8723
29 Sep 2019 — Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Varios problemas en ld64 en las cadenas de herramientas Xcode fueron abordados mediante la actualización de la versión ld64-507.4. Este problema es corregido en Xcode versión 11.0. • https://support.apple.com/HT210609 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8724 – Apple Security Advisory 2019-9-26-7
https://notcve.org/view.php?id=CVE-2019-8724
29 Sep 2019 — Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Varios problemas en ld64 en las cadenas de herramientas de Xcode fueron abordados mediante la actualización de la versión ld64-507.4. Este problema es corregido en Xcode versión 11.0. • https://support.apple.com/HT210609 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8738 – Apple Security Advisory 2019-9-26-7
https://notcve.org/view.php?id=CVE-2019-8738
29 Sep 2019 — A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution. Un problema de corrupción de memoria fue abordado mejorando la gestión del estado. Este problema es corregido en Xcode versión 11.0. • https://support.apple.com/HT210609 • CWE-787: Out-of-bounds Write •