| Month | Quarter | Year |
|---|---|---|
| #58 | #32 | #22 |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2019-6235 | CWE-119 | Buffer Errors | 10.0 |
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions. |
|||
| CVE-2019-6231 | CWE-125 | Out-of-bounds Read | 5.5 |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to read restricted memory. |
|||
| CVE-2019-6230 | CWE-399 | Resource Management Errors | 8.6 |
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox. |
|||
| CVE-2019-6225 | CWE-119 | Buffer Errors | 7.8 |
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges. |
|||
| CVE-2019-6224 | CWE-119 | Buffer Errors | 8.8 |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution. |
|||
| CVE-2019-6221 | CWE-125 | Out-of-bounds Read | 7.8 |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges. |
|||
| CVE-2019-6220 | CWE-125 | Out-of-bounds Read | 5.5 |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.3. An application may be able to read restricted memory. |
|||
| CVE-2019-6219 | CWE-20 | Input Validation | 7.5 |
A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. Processing a maliciously crafted message may lead to a denial of service. |
|||
| CVE-2019-6218 | CWE-119 | Buffer Errors | 7.8 |
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges. |
|||
| CVE-2019-6214 | CWE-704 | Incorrect Type Conversion or Cast | 8.6 |
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox. |
|||