Total
3664 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-8514 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges. | |||||
CVE-2019-13667 | 2 Apple, Google | 2 Iphone Os, Chrome | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
CVE-2019-8815 | 2 Apple, Redhat | 9 Icloud, Ipados, Iphone Os and 6 more | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2020-3878 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
CVE-2019-8617 | 1 Apple | 1 Iphone Os | 2024-02-28 | 6.8 MEDIUM | 9.6 CRITICAL |
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.3. A sandboxed process may be able to circumvent sandbox restrictions. | |||||
CVE-2019-8552 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to elevate privileges. | |||||
CVE-2019-15126 | 2 Apple, Broadcom | 15 Ipados, Iphone Os, Mac Os X and 12 more | 2024-02-28 | 2.9 LOW | 3.1 LOW |
An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503. | |||||
CVE-2020-3846 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution. | |||||
CVE-2019-8820 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2019-8676 | 2 Apple, Redhat | 10 Icloud, Iphone Os, Itunes and 7 more | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2019-8792 | 2 Apple, Google | 3 Iphone Os, Shazam, Android | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution. | |||||
CVE-2019-8599 | 1 Apple | 1 Iphone Os | 2024-02-28 | 2.1 LOW | 2.4 LOW |
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 12.3. A person with physical access to an iOS device may be able to see the email address used for iTunes. | |||||
CVE-2019-8669 | 2 Apple, Redhat | 10 Icloud, Iphone Os, Itunes and 7 more | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2019-6204 | 1 Apple | 2 Iphone Os, Safari | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting. | |||||
CVE-2019-8523 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2019-8600 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution. | |||||
CVE-2019-8803 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2024-02-28 | 4.6 MEDIUM | 8.4 HIGH |
An authentication issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A local attacker may be able to login to the account of a previously logged in user without valid credentials.. | |||||
CVE-2019-8607 | 1 Apple | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory. | |||||
CVE-2020-6403 | 7 Apple, Debian, Fedoraproject and 4 more | 10 Iphone Os, Debian Linux, Fedora and 7 more | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
CVE-2019-8623 | 1 Apple | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. |