CVE-2019-8784

CVE-2019-8784 is a memory corruption vulnerability affecting WebKit-related components in Apple software. The public records show that an application could potentially execute arbitrary code with system privileges due to memory handling issues in WebKit used by Apple’s iCloud for Windows (7.15 an...

CVE-2019-8782

CVE-2019-8782 is a WebKit-related memory corruption issue addressed by Apple in iOS 13.2, iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, and iCloud for Windows 11.0. The advisory notes multiple memory corruption vulnerabilities fixed across WebKit with improved memory handling...

CVE-2019-8782

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution...

CVE-2019-8775

CVE-2019-8775 affects Apple iOS/iPadOS VoiceOver. The root issue allowed a user with physical access to read contacts from the lock screen. Apple addressed this by restricting options on a locked device, with fixes in iOS 13.1 and iPadOS 13.1. Connected sources (Red Hat advisory, Apple HT210603, ...

CVE-2019-8804

An inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup...

CVE-2019-8782

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution...

CVE-2019-8779

A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions...

CVE-2019-8769

An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history...

CVE-2019-8779

This CVE (CVE-2019-8779) affects Apple iOS/iPadOS sandbox components, specifically third-party app extensions where incorrect sandbox restrictions were applied due to a logic issue. The issue is addressed in iOS 13.1.1 and iPadOS 13.1.1, which update the logic to enforce the correct restrictions....

CVE-2019-8769

An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history...

CVE-2019-8769

CVE-2019-8769 concerns WebKit: an issue in the drawing of web page elements could allow leakage of browsing history when visiting a malicious site. Public fixes span multiple platforms and projects: Apple webkit (iOS 13.1/iPadOS 13.1 and macOS Catalina 10.15), WebKitGTK/WebKitGTK+ (e.g., webkitgt...

CVE-2019-8769

An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history...

Apple iOS/iPadOS/tvOS/watchOS/macOS CVE-2019-8830 Arbitrary Code Execution Vulnerability

Description Apple iOS, iPadOS, tvOS, watchOS and macOS are prone to an arbitrary code execution vulnerability. A remote attacker can leverage this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts may result in a denial-of-service conditio...

Apple iOS/tvOS/iPadOS/watchOS/macOS Multiple Memory Corruption Vulnerabilities

Description Apple iOS/tvOS/iPadOS/watchOS/macOS are prone to multiple memory-corruption vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-servic...

Apple iOS and iPadOS CVE-2019-8857 Security Bypass Vulnerability

Description Apple iOS and iPadOS are prone to a security bypass vulnerability. Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. This issue is fixed in Apple iPadOS 13.3 and iOS 13.3. Technologies Affected Apple Ipad Mini- Apple iOS 10 Apple iOS...

Apple iOS and iPadOS CVE-2019-8841 Arbitrary Code Execution Vulnerability

Description Apple iOS and iPadOS are prone to an arbitrary code execution vulnerability. A remote attacker can leverage this issue to execute arbitrary code with kernel privileges on the affected system. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected...

Apple iOS/iPadOS/watchOS/macOS CVE-2019-8856 Security Vulnerability

Description Apple iOS/iPadOS/watchOS/macOS are prone to a security vulnerability. Attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. Technologies Affected Apple Ipad Mini- Apple Watch Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple iOS 10.2 Apple...

Apple iOS/iPadOS/tvOS/watchOS CVE-2019-8836 Memory Corruption Vulnerability

Description Apple iOS, iPadOS, tvOS and watchOS are prone to a memory corruption vulnerability. An attacker can leverage this issue to execute arbitrary code with kernel privileges. Failed exploit attempts will likely result in denial-of-service conditions. This issue is fixed in: Apple iOS 13.3...

Apple Releases Multiple Security Updates

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Apple...

Apple watchOS/iOS/iPadOS/tvOS/Safari CVE-2019-8844 Multiple Memory Corruption Vulnerabilities

Description Apple watchOS, iOS, iPadOS, tvOS and Safari are prone to multiple memory corruption vulnerabilities. A remote attacker can leverage these issues to execute arbitrary code in the context of the user running the application. Technologies Affected Apple Ipad Mini- Apple Safari 1.1.0 Appl...