CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2019-8592 – Apple macOS AudioCodecs Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8592
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, tvOS 12.3, watchOS 5.2.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, iOS 13. Playing a malicious audio file may lead to arbitrary code execution. Se abordó un problema de corrupción de la memoria con una comprobación de entrada mejorada. Este problema se corrigió en macOS Catalina versión 10.15, tvOS versión 12.3, watchOS versión 5.2.1, tvOS versión 13, macOS Catalina versión 10.15.1, Security Update 2019-001 y Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS versión 12.3, iOS versión 13. • https://support.apple.com/en-us/HT210118 https://support.apple.com/en-us/HT210119 https://support.apple.com/en-us/HT210120 https://support.apple.com/en-us/HT210122 https://support.apple.com/en-us/HT210604 https://support.apple.com/en-us/HT210606 https://support.apple.com/en-us/HT210634 https://support.apple.com/en-us/HT210722 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8589
https://notcve.org/view.php?id=CVE-2019-8589
This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.5. A malicious application may bypass Gatekeeper checks. Este problema fue abordado con comprobaciones mejoradas. Este problema es corregido en macOS Mojave versión 10.14.5. • https://support.apple.com/HT210119 •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-8583 – webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8583
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, Safari 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8583 https://bugzilla.redhat.com/show_bug.cgi?id=1876882 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2019-8587 – Apple Safari HTMLFormElement Improper Validation of Array Index Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8587
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, Safari versión 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8587 https://bugzilla.redhat.com/show_bug.cgi?id=1876887 • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 6EXPL: 0CVE-2019-8610 – Apple Safari FontFace Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8610
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, Safari versión 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8610 https://bugzilla.redhat.com/show_bug.cgi?id=1876900 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •