|
1401
|
4.3
4.3
|
MEDIUM
Network
|
The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 fo…
|
NVD-CWE-noinfo
|
CVE-2019-8827
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.2
|
2024-11-21 13:50
2020-10-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1402
|
8.8
6.8
|
HIGH
Network
|
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001,…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-8825
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.3
|
2024-11-21 13:50
2020-10-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1403
|
3.3
2.1
|
LOW
Local
|
A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, watchOS 6, iOS 13. A local app may be able to read a persistent a…
|
NVD-CWE-noinfo
|
CVE-2019-8809
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.1
|
2024-11-21 13:50
2020-10-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1404
|
2.4
2.1
|
LOW
Physics
|
This issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6, tvOS 13. An attacker in physical proximit…
|
NVD-CWE-noinfo
|
CVE-2019-8799
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.1
|
2024-11-21 13:50
2020-10-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1405
|
5.5
7.1
|
MEDIUM
Local
|
The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13. A malicious application may be able to determine kernel memory layout.
|
NVD-CWE-noinfo
|
CVE-2019-8780
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.1
|
2024-11-21 13:50
2020-10-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1406
|
5.5
4.3
|
MEDIUM
Local
|
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Parsing a maliciously crafted iBooks file may lead to …
|
CWE-20 CWE-400
Improper Input Validation Uncontrolled Resource Consumption
|
CVE-2019-8774
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.1
|
2024-11-21 13:50
2020-10-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1407
|
8.8
6.8
|
HIGH
Network
|
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS …
|
CWE-787
Out-of-bounds Write
|
CVE-2019-8773
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.1
|
2024-11-21 13:50
2020-10-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1408
|
6.1
4.3
|
MEDIUM
Network
|
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2019-8771
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.0.
|
2024-11-21 13:50
2020-10-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1409
|
6.1
4.3
|
MEDIUM
Network
|
A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Win…
|
CWE-79
Cross-site Scripting
|
CVE-2019-8762
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.1
|
2024-11-21 13:50
2020-10-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1410
|
6.1
4.3
|
MEDIUM
Network
|
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. Processing maliciously crafted web content may lead to a cross site scripting a…
|
CWE-79
Cross-site Scripting
|
CVE-2019-8753
|
cpe:2.3:o:apple:iphone_os:*:*
|
|
|
|
13.1
|
2024-11-21 13:50
2020-10-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|