CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 0CVE-2019-8600 – Apple Security Advisory 2019-5-13-3
https://notcve.org/view.php?id=CVE-2019-8600
14 May 2019 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution. Un problema de corrupción de memoria fue abordado mejorando la comprobación de entrada. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, iTunes para Windows versión 1... • https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 9%CPEs: 7EXPL: 1CVE-2019-8601 – Apple Safari Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8601
14 May 2019 — Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS v... • https://github.com/BadAccess11/CVE-2019-8601 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-8602 – Apple Security Advisory 2019-5-13-3
https://notcve.org/view.php?id=CVE-2019-8602
14 May 2019 — A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges. Un problema de corrupción de memoria fue abordado eliminando el código vulnerable. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, iTunes para Windows versión 12.9.5, iCloud p... • https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8603 – Apple Safari cfAttributedStringUnserialize Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8603
14 May 2019 — A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5. An application may be able to read restricted memory. Un problema de comprobación fue abordado mejorando el saneamiento de la entrada. Este problema es corregido en macOS Mojave versión 10.14.5. • https://support.apple.com/HT210119 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8604 – Apple macOS securityd Heap-based Buffer Overflow Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2019-8604
14 May 2019 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en macOS Mojave versión 10.14.5. • https://support.apple.com/HT210119 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 11%CPEs: 4EXPL: 4CVE-2019-8605 – Apple Multiple Products Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2019-8605
14 May 2019 — A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges. Un problema de uso de la memoria previamente liberada fue abordado con una gestión de memoria mejorada. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1. • https://packetstorm.news/files/id/152993 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8606 – Apple macOS kextutil Race Condition Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-8606
14 May 2019 — A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.5. A local user may be able to load unsigned kernel extensions. Se presentó un problema de comprobación en el manejo de enlaces simbólicos. • https://support.apple.com/HT210119 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 8%CPEs: 4EXPL: 3CVE-2019-8591 – Apple macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl
https://notcve.org/view.php?id=CVE-2019-8591
14 May 2019 — A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory. Un problema de confusión de tipos fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1. • https://packetstorm.news/files/id/152994 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8534 – Apple macOS apfs Volume Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-8534
29 Apr 2019 — A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A malicious application may be able to execute arbitrary code with kernel privileges. Se presentó un problema de lógica resultando en una corrupción de la memoria. • https://support.apple.com/en-us/HT209600 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4456 – Apple Security Advisory 2019-5-13-2
https://notcve.org/view.php?id=CVE-2018-4456
03 Apr 2019 — A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14. Un problema de corrupción de memoria se abordó con una validación de entradas mejorada. Este problema afectaba a macOS High Sierra en versiones anteriores a la 10.13.6 y macOS Mojave en versiones anteriores a la 10.14. macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra are now available and addresses bypass and c... • http://seclists.org/fulldisclosure/2019/May/20 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •