CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-6227
https://notcve.org/view.php?id=CVE-2019-6227
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • http://www.securityfocus.com/bid/106696 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209448 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-6228
https://notcve.org/view.php?id=CVE-2019-6228
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue is fixed in iOS 12.1.3, Safari 12.0.3. Processing maliciously crafted web content may lead to a cross site scripting attack. Existía un problema de Cross-Site Scripting (XSS) en Safari. • http://www.securityfocus.com/bid/106692 https://support.apple.com/HT209443 https://support.apple.com/HT209449 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-6229
https://notcve.org/view.php?id=CVE-2019-6229
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting. Se abordó un problema de lógica con la mejora de la validación. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • http://www.securityfocus.com/bid/106691 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-4147
https://notcve.org/view.php?id=CVE-2018-4147
In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling. En iCloud para Windows en versiones anteriores a la 7.3, Safari en versiones anteriores a la 11.0.3, iTunes en versiones anteriores a la 12.7.3 para Windows e iOS en versiones anteriores a la 11.2.5, existen múltiples corrupciones de memoria y fueron abordadas mediante la mejora de la gestión de memoria. • https://support.apple.com/HT208463 https://support.apple.com/HT208465 https://support.apple.com/HT208473 https://support.apple.com/HT208474 https://support.apple.com/HT208475 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4186
https://notcve.org/view.php?id=CVE-2018-4186
In Safari before 11.1, an information leakage issue existed in the handling of downloads in Safari Private Browsing. This issue was addressed with additional validation. En Safari en versiones anteriores a la 11.1, existía un problema de fuga de información en el manejo de las descargas en la navegación privada de Safari. Este problema se abordó con validación adicional. • https://support.apple.com/HT208695 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •