CVE-2019-8538
https://notcve.org/view.php?id=CVE-2019-8538
A denial of service issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. Processing a maliciously crafted vcf file may lead to a denial of service. Se abordó un problema de denegación de servicio con una comprobación mejorada.  Este problema se corrigió en watchOS versión 5.2, macOS Mojave versión 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS versión 12.2. • https://support.apple.com/en-us/HT209599 https://support.apple.com/en-us/HT209600 https://support.apple.com/en-us/HT209602 •
CVE-2019-8564
https://notcve.org/view.php?id=CVE-2019-8564
A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state. Se abordó un problema lógico con una comprobación mejorada.  Este problema se corrigió en macOS Mojave versión 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. • https://support.apple.com/en-us/HT209600 •
CVE-2019-8528
https://notcve.org/view.php?id=CVE-2019-8528
A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de uso de la memoria previamente liberada con una administración de la memoria mejorada.  Este problema se corrigió en watchOS versión 5.2, macOS Mojave versión 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS versión 12.2. • https://support.apple.com/en-us/HT209599 https://support.apple.com/en-us/HT209600 https://support.apple.com/en-us/HT209602 • CWE-416: Use After Free •
CVE-2019-8525
https://notcve.org/view.php?id=CVE-2019-8525
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de la memoria con una administración de estado mejorada.  Este problema se corrigió en macOS Mojave versión 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS versión 5.2, macOS Mojave versión 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS versión 12.2. • https://support.apple.com/en-us/HT209599 https://support.apple.com/en-us/HT209600 https://support.apple.com/en-us/HT209602 https://support.apple.com/en-us/HT210119 • CWE-787: Out-of-bounds Write •
CVE-2019-6238
https://notcve.org/view.php?id=CVE-2019-6238
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted package may lead to arbitrary code execution. Se presentó un problema de comprobación en el manejo de enlaces simbólicos. • https://support.apple.com/en-us/HT209600 • CWE-20: Improper Input Validation •