Hanul Choi

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.3 macOS Mojave versions prior to 10.14.5 tvOS versions prior to 12.3 watchOS versions prior to 5.2.1 **Description** The issue is related to an out-of-bounds read that has been addressed with improved bounds checking. A local user may be able to cause unexpected system termination or read kernel memory. **Recommendations** For iOS versions prior to 12.3, update to iOS 12.3 or later. For macOS Mojave versions prior to 10.14.5, update to macOS Mojave 10.14.5 or later. For tvOS versions prior to 12.3, update to tvOS 12.3 or later. For watchOS versions prior to 5.2.1, update to watchOS 5.2.1 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.3 macOS Mojave versions prior to 10.14.5 tvOS versions prior to 12.3 watchOS versions prior to 5.2.1 iTunes for Windows versions prior to 12.9.5 iCloud for Windows versions prior to 7.12 **Description** A memory corruption issue may allow a malicious application to elevate privileges. This issue was addressed by removing the vulnerable code. **Recommendations** For iOS versions prior to 12.3, update to iOS 12.3 or later. For macOS Mojave versions prior to 10.14.5, update to macOS Mojave 10.14.5 or later. For tvOS versions prior to 12.3, update to tvOS 12.3 or later. For watchOS versions prior to 5.2.1, update to watchOS 5.2.1 or later. For iTunes for Windows versions prior to 12.9.5, update to iTunes for Windows 12.9.5 or later. For iCloud for Windows versions prior to 7.12, update to iCloud for Windows 7.12 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 13 iCloud for Windows versions prior to 7.14 and 10.7 Safari versions prior to 13 tvOS versions prior to 13 watchOS versions prior to 6 iTunes for Windows versions prior to 12.10.1 **Description** The issue arises from multiple memory corruption problems that have been addressed through improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution. **Recommendations** For iOS versions prior to 13, update to iOS 13 or later. For iCloud for Windows versions prior to 7.14 and 10.7, update to iCloud for Windows 7.14 or 10.7 or later. For Safari versions prior to 13, update to Safari 13 or later. For tvOS versions prior to 13, update to tvOS 13 or later. For watchOS versions prior to 6, update to watchOS 6 or later. For iTunes for Windows versions prior to 12.10.1, update to iTunes 12.10.1 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.3 macOS Mojave versions prior to 10.14.5 tvOS versions prior to 12.3 watchOS versions prior to 5.2.1 Safari versions prior to 12.1.1 iTunes for Windows versions prior to 12.9.5 iCloud for Windows versions prior to 7.12 **Description** The issue is related to an out-of-bounds read that can be addressed with improved input validation. Processing maliciously crafted web content may result in the disclosure of process memory. A remote attacker can exploit this issue using a specially crafted web page or file, potentially allowing them to reveal the contents of process memory. **Recommendations** For iOS versions prior to 12.3, update to iOS 12.3 or later. For macOS Mojave versions prior to 10.14.5, update to macOS Mojave 10.14.5 or later. For tvOS versions prior to 12.3, update to tvOS 12.3 or later. For watchOS versions prior to 5.2.1, update to watchOS 5.2.1 or later. For Safari versions prior to 12.1.1, update to Safari 12.1.1 or later. For iTunes for Windows versions prior to 12.9.5, update to iTunes for Windows 12.9.5 or later. For iCloud for Windows versions prior to 7.12, update to iCloud for Windows 7.12 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 11.1 Apple Safari versions prior to 11.0.1 Apple iCloud versions prior to 7.1 on Windows Apple iTunes versions prior to 12.7.1 on Windows Apple tvOS versions prior to 11.1 **Description** The issue involves the WebKit component and allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via a crafted web site. **Recommendations** For iOS versions prior to 11.1, update to version 11.1 or later. For Safari versions prior to 11.0.1, update to version 11.0.1 or later. For iCloud versions prior to 7.1 on Windows, update to version 7.1 or later. For iTunes versions prior to 12.7.1 on Windows, update to version 12.7.1 or later. For tvOS versions prior to 11.1, update to version 11.1 or later.