Redhat: Security Vulnerabilities
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.471
Published
2019-12-18
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.015
Published
2019-12-18
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.021
Published
2019-12-18
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.015
Published
2019-12-18
CVE-2019-8506
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
Known exploited
CVSS Score
8.8
EPSS Score
0.081
Published
2019-12-18
An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-12-18
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
CVSS Score
7.5
EPSS Score
0.084
Published
2019-12-18
CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration
CVSS Score
5.5
EPSS Score
0.001
Published
2019-12-15
JBoss KeyCloak: Open redirect vulnerability via failure to validate the redirect URL.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-12-15
eDeploy has RCE via cPickle deserialization of untrusted data
CVSS Score
9.8
EPSS Score
0.012
Published
2019-12-15