| Month | Quarter | Year |
|---|---|---|
| #26 | #18 | #18 |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2019-6235 | CWE-119 | Buffer Errors | 10.0 |
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions. |
|||
| CVE-2019-6234 | CWE-119 | Buffer Errors | 8.8 |
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. |
|||
| CVE-2019-6233 | CWE-119 | Buffer Errors | 8.8 |
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. |
|||
| CVE-2019-6231 | CWE-125 | Out-of-bounds Read | 5.5 |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to read restricted memory. |
|||
| CVE-2019-6230 | CWE-399 | Resource Management Errors | 8.6 |
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox. |
|||
| CVE-2019-6229 | CWE-79 | Cross-Site Scripting (XSS) | 6.1 |
A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting. |
|||
| CVE-2019-6228 | CWE-79 | Cross-Site Scripting (XSS) | 6.1 |
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue is fixed in iOS 12.1.3, Safari 12.0.3. Processing maliciously crafted web content may lead to a cross site scripting attack. |
|||
| CVE-2019-6227 | CWE-119 | Buffer Errors | 8.8 |
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. |
|||
| CVE-2019-6226 | CWE-119 | Buffer Errors | 8.8 |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. |
|||
| CVE-2019-6225 | CWE-119 | Buffer Errors | 7.8 |
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges. |
|||