The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.
Base Score: 7.5
Impact Score: 6.4
Exploitability Score: 10
Base Score: 10
Impact Score: 6
Exploitability Score: 3.9
|700556||Apple iOS < 12.1.3 Multiple Vulnerabilities (APPLE-SA-2019-1-22-1)||Nessus Network Monitor||Mobile Devices|
|700521||macOS 10.14.x < 10.14.3 Multiple Vulnerabilities||Nessus Network Monitor||Operating System Detection|
|121473||Apple iTunes < 12.9.3 Multiple Vulnerabilities (credentialed check)||Nessus||Windows|
|121393||macOS 10.14.x < 10.14.3 Multiple Vulnerabilities||Nessus||MacOS X Local Security Checks|
|121331||Apple iOS < 12.1.3 Multiple Vulnerabilities||Nessus||Mobile Devices|