Akayn

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 12.4 Apple macOS versions prior to 10.14.6 Apple tvOS versions prior to 12.4 Apple watchOS versions prior to 5.3 Apple Safari versions prior to 12.1.2 Apple iTunes for Windows versions prior to 12.9.6 Apple iCloud for Windows versions prior to 10.6 **Description** The issue arises from multiple memory corruption problems that have been addressed through improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution. **Recommendations** For Apple iOS versions prior to 12.4, update to iOS 12.4 or later. For Apple macOS versions prior to 10.14.6, update to macOS Mojave 10.14.6 or later. For Apple tvOS versions prior to 12.4, update to tvOS 12.4 or later. For Apple watchOS versions prior to 5.3, update to watchOS 5.3 or later. For Apple Safari versions prior to 12.1.2, update to Safari 12.1.2 or later. For Apple iTunes for Windows versions prior to 12.9.6, update to iTunes for Windows 12.9.6 or later. For Apple iCloud for Windows versions prior to 10.6, update to iCloud for Windows 10.6 or later.

**Name of the Vulnerable Software and Affected Versions** Safari versions prior to 12.1.2 iOS versions prior to 12.4 macOS Mojave versions prior to 10.14.6 tvOS versions prior to 12.4 watchOS versions prior to 5.3 iTunes for Windows versions prior to 12.9.6 iCloud for Windows versions prior to 10.6 **Description** A logic issue was addressed with improved state management, which may lead to universal cross-site scripting when processing maliciously crafted web content. The vulnerability is related to a buffer overflow in the WebKit module, allowing a remote attacker to conduct a cross-site scripting attack using a specially crafted website. **Recommendations** For Safari versions prior to 12.1.2, update to version 12.1.2 or later. For iOS versions prior to 12.4, update to version 12.4 or later. For macOS Mojave versions prior to 10.14.6, update to version 10.14.6 or later. For tvOS versions prior to 12.4, update to version 12.4 or later. For watchOS versions prior to 5.3, update to version 5.3 or later. For iTunes for Windows versions prior to 12.9.6, update to version 12.9.6 or later. For iCloud for Windows versions prior to 10.6, update to version 10.6 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.4 macOS Mojave versions prior to 10.14.6 tvOS versions prior to 12.4 watchOS versions prior to 5.3 Safari versions prior to 12.1.2 iTunes for Windows versions prior to 12.9.6 iCloud for Windows versions prior to 10.6 **Description** The issue is caused by multiple memory corruption problems, which can be exploited by processing maliciously crafted web content, potentially leading to arbitrary code execution. This can be achieved by a remote attacker using a specially crafted website. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For iOS versions prior to 12.4, update to iOS 12.4 or later. For macOS Mojave versions prior to 10.14.6, update to macOS Mojave 10.14.6 or later. For tvOS versions prior to 12.4, update to tvOS 12.4 or later. For watchOS versions prior to 5.3, update to watchOS 5.3 or later. For Safari versions prior to 12.1.2, update to Safari 12.1.2 or later. For iTunes for Windows versions prior to 12.9.6, update to iTunes for Windows 12.9.6 or later. For iCloud for Windows versions prior to 10.6, update to iCloud for Windows 10.6 or later.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (affected versions not specified) **Description** An information disclosure issue exists due to Microsoft Edge's improper handling of objects in memory. This could allow a remote attacker to gain unauthorized access to protected information, potentially obtaining details to further compromise the user's system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Edge (affected versions not specified) Description: An information disclosure issue exists due to improper handling of objects in memory by Microsoft Edge. This could allow an attacker to obtain information that could be used to further compromise the user's system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Edge versions in Microsoft Windows 10 1703 through 1709 Description: An information disclosure issue exists due to how Microsoft Edge handles objects in memory. This could allow an attacker to obtain information that could be used to further compromise the user's system. The issue is related to improper handling of objects in memory by Microsoft Edge. Recommendations: For Microsoft Edge in Microsoft Windows 10 1703 and 1709, at the moment, there is no information about a newer version that contains a fix for this issue.