{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T13:29:13.821","vulnerabilities":[{"cve":{"id":"CVE-2019-9536","sourceIdentifier":"cret@cert.org","published":"2019-11-22T18:15:11.170","lastModified":"2024-11-21T04:51:48.550","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Apple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer when unable to allocate memory, aka 'alloc8'. An attacker with physical access to the device can install arbitrary firmware."},{"lang":"es","value":"La implementación de bootrom malloc del Apple iPhone 3GS devuelve un puntero no NULL cuando no puede asignar la memoria, también se conoce como \"alloc8\". Un atacante con acceso físico al dispositivo puede instalar un firmware arbitrario."}],"metrics":{"cvssMetricV31":[{"source":"cret@cert.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-755"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:apple:iphone_3gs:-:*:*:*:*:*:*:*","matchCriteriaId":"9F47AA5E-7909-4F36-9B69-4977B4BB35F8"}]}]}],"references":[{"url":"https://github.com/axi0mX/alloc8","source":"cret@cert.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/axi0mX/ipwndfu/blob/master/alloc8.py","source":"cret@cert.org","tags":["Third Party Advisory"]},{"url":"https://github.com/axi0mX/alloc8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/axi0mX/ipwndfu/blob/master/alloc8.py","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}