CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-6237 – Apple Safari createRenderers Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6237
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, Safari versión 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-6237 https://bugzilla.redhat.com/show_bug.cgi?id=1876880 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0CVE-2019-8524 – Apple Safari GraphicsContext Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8524
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows versión 7.11. • https://support.apple.com/HT209599 https://support.apple.com/HT209601 https://support.apple.com/HT209603 https://support.apple.com/HT209604 https://support.apple.com/HT209605 https://access.redhat.com/security/cve/CVE-2019-8524 https://bugzilla.redhat.com/show_bug.cgi?id=1719209 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 2%CPEs: 5EXPL: 0CVE-2019-6235
https://notcve.org/view.php?id=CVE-2019-6235
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions. Un problema de corrupción de memoria se abordó con una validación mejorada. Este problema se soluciona en iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2 y en watchOS 5.1.2 y iTunes 12.9.3 para Windows. • http://www.securityfocus.com/bid/106724 https://support.apple.com/HT209443 https://support.apple.com/HT209446 https://support.apple.com/HT209447 https://support.apple.com/HT209448 https://support.apple.com/HT209450 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 3%CPEs: 6EXPL: 0CVE-2019-6233 – Apple Safari RenderBlockFlow Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6233
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • http://www.securityfocus.com/bid/106691 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 3%CPEs: 7EXPL: 0CVE-2019-6234 – Apple Safari CSSFontFace Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6234
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • http://www.securityfocus.com/bid/106691 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 • CWE-787: Out-of-bounds Write •