CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 5CVE-2019-6225 – iOS/macOS - 'task_swap_mach_voucher()' Use-After-Free
https://notcve.org/view.php?id=CVE-2019-6225
23 Jan 2019 — A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges. Se abordó un problema de corrupción de memoria con la mejora de la validación. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y tvOS 12.1.2. • https://packetstorm.news/files/id/151331 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-6219 – Apple Security Advisory 2019-1-22-3
https://notcve.org/view.php?id=CVE-2019-6219
23 Jan 2019 — A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. Processing a maliciously crafted message may lead to a denial of service. Se abordó un problema de denegación de servicio con la mejora de la validación. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y watchOS 5.1.3. • http://www.securityfocus.com/bid/106697 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6220 – Apple Security Advisory 2019-1-22-2
https://notcve.org/view.php?id=CVE-2019-6220
23 Jan 2019 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.3. An application may be able to read restricted memory. Se abordó una lectura fuera de límites con la mejora de la validación de entradas. Este problema se ha resuelto en macOS Mojave 10.14.3. • http://www.securityfocus.com/bid/106693 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2019-6210 – Apple Security Advisory 2019-1-22-3
https://notcve.org/view.php?id=CVE-2019-6210
23 Jan 2019 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con la mejora de la validación de entradas. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2 y watchOS 5.1.3. • http://www.securityfocus.com/bid/106739 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-6221 – Apple iOS mediaserverd crte Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-6221
23 Jan 2019 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges. Se abordó una lectura fuera de límites con la mejora de la comprobación de límites. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y iTunes 12.9.3 para Windows. • http://www.securityfocus.com/bid/106694 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-6202 – Apple iOS mediaserverd cypc Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-6202
23 Jan 2019 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate privileges. Se abordó una lectura fuera de límites con la mejora de la comprobación de límites. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y watchOS 5.1.3. • http://www.securityfocus.com/bid/106697 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 1%CPEs: 4EXPL: 2CVE-2019-6213 – macOS < 10.14.3 / iOS < 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving Statistics
https://notcve.org/view.php?id=CVE-2019-6213
23 Jan 2019 — A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges. Se abordó un desbordamiento de búfer con la mejora de la comprobación de límites. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2 y watchOS 5.1.3. • https://packetstorm.news/files/id/151442 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2019-6208 – macOS XNU - Copy-on-Write Behaviour Bypass via Partial-Page Truncation of File
https://notcve.org/view.php?id=CVE-2019-6208
23 Jan 2019 — A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes. Se abordó un problema de inicialización de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3 y tvOS 12.1.2. • https://packetstorm.news/files/id/151440 • CWE-665: Improper Initialization •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4452 – Apple Security Advisory 2019-1-22-2
https://notcve.org/view.php?id=CVE-2018-4452
23 Jan 2019 — A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra. A malicious application may be able to execute arbitrary code with system privileges. Se abordó un problema de consumo de memoria con un manejo de la memoria mejorada. Este problema se corrigió en macOS Mojave versión 10.14.3,... • https://support.apple.com/en-us/HT209341 •
CVSS: 8.1EPSS: 1%CPEs: 9EXPL: 0CVE-2018-20506 – Apple Security Advisory 2019-1-22-3
https://notcve.org/view.php?id=CVE-2018-20506
23 Jan 2019 — SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346. En SQLite, en versiones anteriores a la 3.25.3, cuando está habilitada la extensión FTS3, ... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html • CWE-190: Integer Overflow or Wraparound •