CVSS: 6.1EPSS: 9%CPEs: 7EXPL: 2CVE-2019-8649 – WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads
https://notcve.org/view.php?id=CVE-2019-8649
22 Jul 2019 — A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. Se presentó un problema lógico en el manejo de cargas de páginas síncronas. • https://packetstorm.news/files/id/153763 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-8686 – Apple Safari FloatingObjects Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8686
22 Jul 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6, tvOS versión 12.4,... • https://support.apple.com/HT210346 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 6%CPEs: 2EXPL: 2CVE-2019-8663 – NSKeyedUnarchiver - Info Leak in Decoding SGBigUTF8String
https://notcve.org/view.php?id=CVE-2019-8663
22 Jul 2019 — This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6. A remote attacker may be able to leak memory. Este problema fue abordado con comprobaciones mejoradas. Este problema es corregido en iOS versión 12.4, macOS Mojave versión 10.14.6. • https://packetstorm.news/files/id/154040 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8573 – Apple Security Advisory 2019-6-20-1
https://notcve.org/view.php?id=CVE-2019-8573
24 Jun 2019 — An input validation issue was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause a system denial of service. Se abordó un problema de comprobación de entrada con una comprobación de entrada mejorada. Este problema se corrigió en macOS Mojave versión 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS ve... • https://support.apple.com/en-us/HT210118 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-8560 – Apple Security Advisory 2019-5-13-3
https://notcve.org/view.php?id=CVE-2019-8560
14 May 2019 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to read restricted memory. Una lectura fuera de límites fue abordada con una mejor comprobación de límites. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1. • https://support.apple.com/HT210118 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 27%CPEs: 8EXPL: 2CVE-2019-8623 – Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized
https://notcve.org/view.php?id=CVE-2019-8623
14 May 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS v... • https://packetstorm.news/files/id/152990 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-8584 – Apple Safari RootInlineBox Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8584
14 May 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, Safari versión 12.1.1, i... • https://support.apple.com/HT210118 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2019-8583 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8583
14 May 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS v... • https://support.apple.com/HT210118 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-8585 – QuickTime get_by_tree Memory Corruption Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8585
14 May 2019 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. Processing a maliciously crafted movie file may lead to arbitrary code execution. Una lectura fuera de límites fue abordada con una comprobación de entrada mejorada. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1. • https://support.apple.com/HT210118 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-8610 – Apple Safari FontFace Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8610
14 May 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, Safari versión 12.1.1, i... • https://support.apple.com/HT210118 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •