CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8584 – Apple Safari RootInlineBox Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8584
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, Safari versión 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8584 https://bugzilla.redhat.com/show_bug.cgi?id=1876883 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2017-13911
https://notcve.org/view.php?id=CVE-2017-13911
A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS X El Capitan 10.11.6 Security Update 2018-002, macOS Sierra 10.12.6 Security Update 2018-002, macOS High Sierra 10.13.2. Un problema de configuración se abordó con restricciones adicionales. El problema afectaba a macOS X El Capitan, en versiones anteriores a 10.11.6 con la actualización de seguridad 2018-002; macOS Sierra, en versiones anteriores a la 10.12.6 con la actualización de seguridad 2018-002; y macOS High Sierra en versiones anteriores a la 10.13.2. • https://support.apple.com/kb/HT208331 https://support.apple.com/kb/HT208692 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4470
https://notcve.org/view.php?id=CVE-2018-4470
A privacy issue in the handling of Open Directory records was addressed with improved indexing. This issue affected versions prior to macOS High Sierra 10.13.6. Un problema de privacidad en la gestión de los registros de Open Directory se abordó con una indexación mejorada. Este problema afectaba a macOS High Sierra en versiones anteriores a la 10.13.6. • https://support.apple.com/kb/HT208937 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4456
https://notcve.org/view.php?id=CVE-2018-4456
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14. Un problema de corrupción de memoria se abordó con una validación de entradas mejorada. Este problema afectaba a macOS High Sierra en versiones anteriores a la 10.13.6 y macOS Mojave en versiones anteriores a la 10.14. • http://seclists.org/fulldisclosure/2019/May/20 https://seclists.org/bugtraq/2019/May/27 https://support.apple.com/kb/HT208937 https://support.apple.com/kb/HT209139 https://support.apple.com/kb/HT209341 https://support.apple.com/kb/HT210119 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2018-4415
https://notcve.org/view.php?id=CVE-2018-4415
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. Este problema afectaba a macOS Mojave en versiones anteriores a la 10.14.1. • https://github.com/T1V0h/CVE-2018-4415 https://support.apple.com/kb/HT209193 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •