CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-8592 – Apple macOS AudioCodecs Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8592
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, tvOS 12.3, watchOS 5.2.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, iOS 13. Playing a malicious audio file may lead to arbitrary code execution. Se abordó un problema de corrupción de la memoria con una comprobación de entrada mejorada. Este problema se corrigió en macOS Catalina versión 10.15, tvOS versión 12.3, watchOS versión 5.2.1, tvOS versión 13, macOS Catalina versión 10.15.1, Security Update 2019-001 y Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS versión 12.3, iOS versión 13. • https://support.apple.com/en-us/HT210118 https://support.apple.com/en-us/HT210119 https://support.apple.com/en-us/HT210120 https://support.apple.com/en-us/HT210122 https://support.apple.com/en-us/HT210604 https://support.apple.com/en-us/HT210606 https://support.apple.com/en-us/HT210634 https://support.apple.com/en-us/HT210722 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-8583 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8583
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, Safari 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8583 https://bugzilla.redhat.com/show_bug.cgi?id=1876882 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-8568
https://notcve.org/view.php?id=CVE-2019-8568
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system. Se presentó un problema de comprobación en el manejo de enlaces simbólicos. • https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8593
https://notcve.org/view.php?id=CVE-2019-8593
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, tvOS versión 12.3, watchOS versión 5.2.1. • https://support.apple.com/HT210118 https://support.apple.com/HT210120 https://support.apple.com/HT210122 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-8598
https://notcve.org/view.php?id=CVE-2019-8598
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory. Un problema de comprobación de entrada fue abordado mejorando la comprobación de entrada. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •