Total
3262 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8576 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-22 | 6.6 MEDIUM | 7.1 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory. | |||||
| CVE-2019-8591 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-20 | 8.8 HIGH | 7.1 HIGH |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2019-8698 | 1 Apple | 2 Iphone Os, Tvos | 2019-12-20 | 4.3 MEDIUM | 3.3 LOW |
| A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in iOS 12.4, tvOS 12.4. A malicious application may be able to restrict access to websites. | |||||
| CVE-2019-8568 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-20 | 2.1 LOW | 5.5 MEDIUM |
| A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system. | |||||
| CVE-2019-8649 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-12-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. | |||||
| CVE-2019-8690 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-12-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. | |||||
| CVE-2019-8682 | 1 Apple | 2 Iphone Os, Watchos | 2019-12-20 | 2.1 LOW | 2.4 LOW |
| The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen. | |||||
| CVE-2019-8560 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to read restricted memory. | |||||
| CVE-2019-8605 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-20 | 9.3 HIGH | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2019-8565 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-12-20 | 7.6 HIGH | 7.0 HIGH |
| A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges. | |||||
| CVE-2019-8567 | 1 Apple | 1 Iphone Os | 2019-12-20 | 5.0 MEDIUM | 7.5 HIGH |
| A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.2. A device may be passively tracked by its WiFi MAC address. | |||||
| CVE-2019-8615 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-12-19 | 4.3 MEDIUM | 6.5 MEDIUM |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-8620 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2019-12-19 | 5.0 MEDIUM | 7.5 HIGH |
| A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by its WiFi MAC address. | |||||
| CVE-2019-8657 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-19 | 6.8 MEDIUM | 8.8 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution. | |||||
| CVE-2019-8626 | 1 Apple | 2 Iphone Os, Watchos | 2019-12-19 | 4.3 MEDIUM | 6.5 MEDIUM |
| An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service. | |||||
| CVE-2019-8704 | 1 Apple | 2 Iphone Os, Tvos | 2019-12-19 | 2.1 LOW | 5.5 MEDIUM |
| An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information. | |||||
| CVE-2019-8613 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2019-12-19 | 7.5 HIGH | 9.8 CRITICAL |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause arbitrary code execution. | |||||
| CVE-2019-8665 | 1 Apple | 2 Iphone Os, Watchos | 2019-12-19 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.4, watchOS 5.3. A remote attacker may cause an unexpected application termination. | |||||
| CVE-2019-8556 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2019-12-19 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-8646 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-19 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to leak memory. | |||||