CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8507
https://notcve.org/view.php?id=CVE-2019-8507
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.4. Processing malicious data may lead to unexpected application termination. Múltiples problemas de corrupción de memoria fueron abordados con una comprobación de entrada mejorada. Este problema es corregido en macOS Mojave versión 10.14.4. • https://support.apple.com/HT209600 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8526 – Apple macOS Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2019-8526
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. An application may be able to gain elevated privileges. Un problema de la memoria previamente liberada fue abordado con una mejor administración de memoria. Este problema es corregido en macOS Mojave versión 10.14.4. • https://support.apple.com/HT209600 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6239
https://notcve.org/view.php?id=CVE-2019-6239
This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Mojave 10.14.4. A malicious application may bypass Gatekeeper checks. Este problema fue abordado mejorando el manejo de los metadatos de los archivos. Este problema es corregido en macOS Mojave versión 10.14.4. • https://support.apple.com/HT209446 https://support.apple.com/HT209600 •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8530
https://notcve.org/view.php?id=CVE-2019-8530
This issue was addressed with improved checks. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. A malicious application may be able to overwrite arbitrary files. Este problema fue abordado con comprobaciones mejoradas. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2. • https://support.apple.com/HT209599 https://support.apple.com/HT209600 https://support.apple.com/HT209601 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2019-8513 – Mac OS X TimeMachine (tmdiagnose) Command Injection Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-8513
This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands. Este problema fue abordado con comprobaciones mejoradas. Este problema es corregido en macOS Mojave versión 10.14.4. • https://www.exploit-db.com/exploits/47070 https://support.apple.com/HT209600 https://medium.com/0xcc/rootpipe-reborn-part-i-cve-2019-8513-timemachine-root-command-injection-47e056b3cb43 https://support.apple.com/en-in/HT209600 https://github.com/ChiChou/sploits https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/osx/local/timemachine_cmd_injection.rb • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •