|
221021
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
mac_os_x
tvos
|
A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes i…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6205
|
2024-11-21 13:46 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221022
|
7.8 |
HIGH
Local
|
apple
|
iphone_os
mac_os_x
watchos
|
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate privileges.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-6202
|
2024-11-21 13:46 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221023
|
8.8 |
HIGH
Adjacent
|
apple
|
iphone_os
mac_os_x
|
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. An attacker in a privileged network position may be able to execute arbitr…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-6200
|
2024-11-21 13:46 |
2019-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221024
|
10.0 |
CRITICAL
Network
|
apple
|
iphone_os
mac_os_x
tv_os
watch_os
itunes
|
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process m…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-6235
|
2024-11-21 13:46 |
2019-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221025
|
9.8 |
CRITICAL
Network
|
apple
|
iphone_os
|
An issue existed with autofill resuming after it was canceled. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.3. Password autofill may fill in passwords after…
|
CWE-200
Information Exposure
|
CVE-2019-6206
|
2024-11-21 13:46 |
2019-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221026
|
7.5 |
HIGH
Network
|
pangea-comm
|
fax_ata
|
Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass user authentication using a specially crafted URL to cause the device to reboot, which may be used to c…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2019-6551
|
2024-11-21 13:46 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221027
|
5.5 |
MEDIUM
Local
|
deltaww
|
screeneditor
|
Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.84 and prior. An out-of-bounds read vulnerability may cause the software to crash due to lacking user input validation for proce…
|
CWE-125
Out-of-bounds Read
|
CVE-2019-6547
|
2024-11-21 13:46 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221028
|
7.8 |
HIGH
Local
|
hornerautomation
|
cscape
|
Cscape, 9.80 SP4 and prior. An improper input validation vulnerability may be exploited by processing specially crafted POC files. This may allow an attacker to read confidential information and remo…
|
CWE-20
Improper Input Validation
|
CVE-2019-6555
|
2024-11-21 13:46 |
2019-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221029
|
6.1 |
MEDIUM
Network
|
f5
|
big-ip_access_policy_manager
|
Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI.
|
CWE-79
Cross-site Scripting
|
CVE-2019-6595
|
2024-11-21 13:46 |
2019-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221030
|
5.9 |
MEDIUM
Network
|
f5
|
big-ip_access_policy_manager
big-ip_local_traffic_manager
big-ip_advanced_firewall_manager
big-ip_analytics
big-ip_application_security_manager
big-ip_domain_name_system
big-ip_edge…
|
On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and 14.0.0-14.0.0.2, Multi-Path TCP (MPTCP) does not protect against multiple zero length DATA_FINs in the reassembly queue, which c…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2019-6594
|
2024-11-21 13:46 |
2019-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
