CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8590 – Apple Security Advisory 2019-5-13-2
https://notcve.org/view.php?id=CVE-2019-8590
14 May 2019 — A logic issue was addressed with improved restrictions. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with kernel privileges. Un problema lógico fue abordado con restricciones mejoradas. Este problema es corregido en macOS Mojave versión 10.14.5. • https://support.apple.com/HT210119 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-8598 – Apple Security Advisory 2019-5-13-3
https://notcve.org/view.php?id=CVE-2019-8598
14 May 2019 — An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory. Un problema de comprobación de entrada fue abordado mejorando la comprobación de entrada. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, iTunes para Windows versión 12.9.5... • https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 0CVE-2019-8600 – Apple Security Advisory 2019-5-13-3
https://notcve.org/view.php?id=CVE-2019-8600
14 May 2019 — A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution. Un problema de corrupción de memoria fue abordado mejorando la comprobación de entrada. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, iTunes para Windows versión 1... • https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8534 – Apple macOS apfs Volume Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-8534
29 Apr 2019 — A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A malicious application may be able to execute arbitrary code with kernel privileges. Se presentó un problema de lógica resultando en una corrupción de la memoria. • https://support.apple.com/en-us/HT209600 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 28%CPEs: 2EXPL: 2CVE-2019-8565 – Apple Mac OS X - Feedback Assistant Race Condition
https://notcve.org/view.php?id=CVE-2019-8565
26 Mar 2019 — A race condition was addressed with additional validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A malicious application may be able to gain root privileges. Una condición de carrera se abordó con comprobación adicional. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4. • https://packetstorm.news/files/id/152996 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 0CVE-2019-8550 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8550
26 Mar 2019 — An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing. Hubo un problema en la pausa del video FaceTime. • https://support.apple.com/HT209599 • CWE-459: Incomplete Cleanup •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8533 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8533
26 Mar 2019 — A lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave 10.14.4. A Mac may not lock when disconnecting from an external monitor. Un problema de manejo de bloqueo fue abordado con un manejo mejorado de bloqueo. Este problema es corregido en macOS Mojave versión 10.14.4. • https://support.apple.com/HT209600 • CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 1%CPEs: 4EXPL: 3CVE-2019-6207 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-6207
26 Mar 2019 — An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. Se presentó un problema de lectura fuera de límites que condujo a la divulgación de la memoria del kernel. • https://github.com/maldiohead/CVE-2019-6207 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-8542 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-8542
26 Mar 2019 — A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges. Un desbordamiento del búfer fue abordado mejorando la comprobación de límites. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2, watchOS versión 5.2, iTunes versión 12.9.4 para Windows, iCloud para Windows versió... • https://support.apple.com/HT209599 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-7293 – Apple Security Advisory 2019-3-25-2
https://notcve.org/view.php?id=CVE-2019-7293
26 Mar 2019 — A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to read kernel memory. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2, watchOS versión 5.2. • https://support.apple.com/HT209599 • CWE-787: Out-of-bounds Write •