CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0CVE-2019-8830 – FaceTime _RSU_DecodeByteBuffer Out-Of-Bounds Read
https://notcve.org/view.php?id=CVE-2019-8830
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iOS 12.4.4, watchOS 5.3.4. Processing malicious video via FaceTime may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en tvOS versión 13.3, watchOS versión 6.1.1, macOS Catalina versión 10.15.2, Security Update 2019-002 Mojave y Security Update 2019-007 High Sierra, iOS versión 13.3 y iPadOS versión 13.3, iOS versión 12.4.4, watchOS versión 5.3.4 . • https://support.apple.com/en-us/HT210785 https://support.apple.com/en-us/HT210787 https://support.apple.com/en-us/HT210788 https://support.apple.com/en-us/HT210789 https://support.apple.com/en-us/HT210790 https://support.apple.com/en-us/HT210791 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8832
https://notcve.org/view.php?id=CVE-2019-8832
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with system privileges. Se abordó un problema de corrupción de la memoria con un manejo de la memoria mejorada. Este problema se corrigió en iOS versión 13.3 y iPadOS versión 13.3, watchOS versión 6.1.1, macOS Catalina versión 10.15.2, Security Update 2019-002 Mojave y Security Update 2019-007 High Sierra, tvOS versión 13.3. • https://support.apple.com/en-us/HT210785 https://support.apple.com/en-us/HT210788 https://support.apple.com/en-us/HT210789 https://support.apple.com/en-us/HT210790 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8838
https://notcve.org/view.php?id=CVE-2019-8838
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de la memoria con un manejo de la memoria mejorada. Este problema se corrigió en iOS versión 13.3 y iPadOS versión 13.3, watchOS versión 6.1.1, macOS Catalina versión 10.15.2, Security Update 2019-002 Mojave y Security Update 2019-007 High Sierra, tvOS versión 13.3. • https://support.apple.com/en-us/HT210785 https://support.apple.com/en-us/HT210788 https://support.apple.com/en-us/HT210789 https://support.apple.com/en-us/HT210790 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2019-8848
https://notcve.org/view.php?id=CVE-2019-8848
This issue was addressed with improved checks. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An application may be able to gain elevated privileges. Este problema se abordó con comprobaciones mejoradas. Este problema se corrigió en tvOS versión 13.3, watchOS versión 6.1.1, iCloud para Windows versión 10.9, macOS Catalina versión 10.15.2, Security Update 2019-002 Mojave y Security Update 2019-007 High Sierra, iOS versión 13.3 y iPadOS versión 13.3, iTunes versión 12.10.3 para Windows, iCloud para Windows versión 7.16. • https://support.apple.com/en-us/HT210785 https://support.apple.com/en-us/HT210788 https://support.apple.com/en-us/HT210789 https://support.apple.com/en-us/HT210790 https://support.apple.com/en-us/HT210793 https://support.apple.com/en-us/HT210794 https://support.apple.com/en-us/HT210795 •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2019-8856
https://notcve.org/view.php?id=CVE-2019-8856
An API issue existed in the handling of outgoing phone calls initiated with Siri. This issue was addressed with improved state handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. Calls made using Siri may be initiated using the wrong cellular plan on devices with two active plans. Se presentó un problema de la API en el manejo de llamadas telefónicas salientes iniciadas con Siri. • https://support.apple.com/en-us/HT210785 https://support.apple.com/en-us/HT210788 https://support.apple.com/en-us/HT210789 •