CVSS: 9.8EPSS: 2%CPEs: 7EXPL: 0CVE-2019-8746 – iMessage NSSharedKeyDictionary Decode Out-Of-Bounds Read
https://notcve.org/view.php?id=CVE-2019-8746
01 Nov 2019 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigi... • https://support.apple.com/en-us/HT210604 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8785 – Apple Security Advisory 2019-10-29-1
https://notcve.org/view.php?id=CVE-2019-8785
01 Nov 2019 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 13.2 y iPadOS versión 13.2, macOS Catalina versión 10.15.1, tvOS versión 13.2, watchOS versión 6.1. • https://support.apple.com/HT210721 • CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8809 – Apple Security Advisory 2019-10-29-11
https://notcve.org/view.php?id=CVE-2019-8809
01 Nov 2019 — A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, watchOS 6, iOS 13. A local app may be able to read a persistent account identifier. Se abordó un problema de comprobación con una lógica mejorada. Este problema se corrigió en macOS Catalina versión 10.15, iOS versión 13.1 y iPadOS versión 13.1, tvOS versión 13, watchOS versión 6, iOS versión 13. • https://support.apple.com/en-us/HT210603 •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8715 – Apple Security Advisory 2019-10-29-6
https://notcve.org/view.php?id=CVE-2019-8715
01 Nov 2019 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15, iOS 13. An application may be able to execute arbitrary code with system privileges. Se abordó un problema de corrupción de la memoria con un manejo de la memoria mejorada. Este problema se corrigió en macOS Catalina versión 10.15.1, Security Update 2019-001 y Security Update 2019-006, macOS Catalina versión 1... • https://support.apple.com/en-us/HT210606 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8787 – Apple Security Advisory 2019-10-29-1
https://notcve.org/view.php?id=CVE-2019-8787
01 Nov 2019 — An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A remote attacker may be able to leak memory. Una lectura fuera de límites fue abordada con una comprobación de entrada mejorada. Este problema es corregido en iOS versión 13.2 y iPadOS versión 13.2, macOS Catalina versión 10.15.1, tvOS versión 13.2, watchOS versión 6.1. • https://support.apple.com/HT210721 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-8706 – Apple Security Advisory 2019-10-29-11
https://notcve.org/view.php?id=CVE-2019-8706
01 Nov 2019 — A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may lead to arbitrary code execution. Se abordó un problema de corrupción de la memoria con una administración de estado mejorada. Este problema se corrigió en macOS Catalina versión 10.15, iOS versión 13.1 y iPadOS vers... • https://support.apple.com/en-us/HT210603 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8801 – Apple Security Advisory 2019-10-29-2
https://notcve.org/view.php?id=CVE-2019-8801
01 Nov 2019 — A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. Un problema de carga dinámica de la biblioteca existía en la configuración de iTunes. • https://support.apple.com/HT210722 • CWE-426: Untrusted Search Path •
CVSS: 9.3EPSS: 4%CPEs: 1EXPL: 1CVE-2019-8805 – Apple Security Advisory 2019-10-29-2
https://notcve.org/view.php?id=CVE-2019-8805
01 Nov 2019 — A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges. Se presentó un problema de comprobación en la verificación de derechos. • https://github.com/securelayer7/CVE-2019-8805 •
CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8741 – Apple Security Advisory 2019-10-29-6
https://notcve.org/view.php?id=CVE-2019-8741
01 Nov 2019 — A denial of service issue was addressed with improved input validation. Se abordó el problema de una denegación de servicio con una comprobación de entrada mejorada. macOS Catalina 10.15 addresses buffer overflow, code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities. • https://eprint.iacr.org/2019/1421 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-8789 – Apple Security Advisory 2019-10-29-1
https://notcve.org/view.php?id=CVE-2019-8789
01 Nov 2019 — A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information. Se presentó un problema de comprobación en el manejo de enlaces simbólicos. • https://support.apple.com/HT210721 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •