Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2019-8768
Publication date:
18/12/2019
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items.
Severity CVSS v4.0: Pending analysis
Last modification:
01/12/2021

CVE-2019-8769
Publication date:
18/12/2019
An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history.
Severity CVSS v4.0: Pending analysis
Last modification:
01/12/2021

CVE-2019-8745
Publication date:
18/12/2019
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution.
Severity CVSS v4.0: Pending analysis
Last modification:
24/08/2020

CVE-2019-8748
Publication date:
18/12/2019
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges.
Severity CVSS v4.0: Pending analysis
Last modification:
24/08/2020

CVE-2019-8739
Publication date:
18/12/2019
A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution.
Severity CVSS v4.0: Pending analysis
Last modification:
21/07/2021

CVE-2019-8742
Publication date:
18/12/2019
The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen.
Severity CVSS v4.0: Pending analysis
Last modification:
21/07/2021

CVE-2019-8743
Publication date:
18/12/2019
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.
Severity CVSS v4.0: Pending analysis
Last modification:
30/11/2021

CVE-2019-8747
Publication date:
18/12/2019
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.
Severity CVSS v4.0: Pending analysis
Last modification:
21/07/2021

CVE-2019-8750
Publication date:
18/12/2019
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Multiple issues in libxslt.
Severity CVSS v4.0: Pending analysis
Last modification:
21/07/2021

CVE-2019-8730
Publication date:
18/12/2019
The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. This issue is fixed in macOS Catalina 10.15. A local user may be able to view a user’s locked notes.
Severity CVSS v4.0: Pending analysis
Last modification:
01/01/2022

CVE-2019-8731
Publication date:
18/12/2019
A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue is fixed in iOS 13. Processing a maliciously crafted file may disclose user information.
Severity CVSS v4.0: Pending analysis
Last modification:
22/12/2019

CVE-2019-8724
Publication date:
18/12/2019
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.
Severity CVSS v4.0: Pending analysis
Last modification:
22/12/2019
Subscribe to Vulnerabilities