Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Iphone_os
(Apple)Repositories |
• https://github.com/madler/zlib
• https://github.com/file/file • https://github.com/WebKit/webkit • https://github.com/vadz/libtiff |
#Vulnerabilities | 3637 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-12-18 | CVE-2019-8529 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. An application may be able to execute arbitrary code with kernel privileges. | Iphone_os, Mac_os_x | N/A | ||
2019-12-18 | CVE-2019-8527 | A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. | Iphone_os, Mac_os_x, Tvos, Watchos | N/A | ||
2019-12-18 | CVE-2019-8523 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | Icloud, Iphone_os, Itunes, Safari, Tvos | N/A | ||
2019-12-18 | CVE-2019-8516 | A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service. | Iphone_os, Mac_os_x, Tvos, Watchos | N/A | ||
2015-08-14 | CVE-2015-1819 | The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. | Iphone_os, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Fedora, Opensuse, Linux, Solaris, Enterprise_linux, Libxml | N/A | ||
2019-12-18 | CVE-2019-8804 | An inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup. | Ipados, Iphone_os | N/A | ||
2019-12-18 | CVE-2019-8803 | An authentication issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A local attacker may be able to login to the account of a previously logged in user without valid credentials.. | Ipados, Iphone_os, Mac_os_x, Tvos, Watchos | N/A | ||
2019-12-18 | CVE-2019-8794 | A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to read restricted memory. | Ipados, Iphone_os, Mac_os_x, Tvos, Watchos | N/A | ||
2019-12-18 | CVE-2019-8788 | An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration. | Ipados, Iphone_os, Mac_os_x | N/A | ||
2019-12-18 | CVE-2019-8779 | A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions. | Ipados, Iphone_os | N/A |