Filtered by vendor Apple
Subscribe
Total
11189 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-8724 | 1 Apple | 1 Xcode | 2019-12-22 | 9.3 HIGH | 8.8 HIGH |
| Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. | |||||
| CVE-2019-8787 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2019-12-22 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A remote attacker may be able to leak memory. | |||||
| CVE-2019-8513 | 1 Apple | 1 Mac Os X | 2019-12-22 | 7.2 HIGH | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands. | |||||
| CVE-2019-8508 | 1 Apple | 1 Mac Os X | 2019-12-22 | 7.2 HIGH | 7.8 HIGH |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges. | |||||
| CVE-2019-6207 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-22 | 2.1 LOW | 5.5 MEDIUM |
| An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. | |||||
| CVE-2019-8510 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-22 | 2.1 LOW | 5.5 MEDIUM |
| An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. | |||||
| CVE-2019-8731 | 1 Apple | 1 Iphone Os | 2019-12-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue is fixed in iOS 13. Processing a maliciously crafted file may disclose user information. | |||||
| CVE-2019-8585 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-22 | 6.8 MEDIUM | 8.8 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. Processing a maliciously crafted movie file may lead to arbitrary code execution. | |||||
| CVE-2019-8576 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-22 | 6.6 MEDIUM | 7.1 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory. | |||||
| CVE-2019-8802 | 1 Apple | 1 Mac Os X | 2019-12-21 | 9.3 HIGH | 7.8 HIGH |
| A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15.1. A malicious application may be able to gain root privileges. | |||||
| CVE-2019-6232 | 1 Apple | 1 Icloud | 2019-12-21 | 7.6 HIGH | 7.5 HIGH |
| A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution. | |||||
| CVE-2019-6236 | 1 Apple | 1 Icloud | 2019-12-21 | 7.6 HIGH | 7.5 HIGH |
| A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution. | |||||
| CVE-2019-8526 | 1 Apple | 1 Mac Os X | 2019-12-20 | 7.2 HIGH | 7.8 HIGH |
| A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.4. An application may be able to gain elevated privileges. | |||||
| CVE-2019-8591 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-20 | 8.8 HIGH | 7.1 HIGH |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2019-8698 | 1 Apple | 2 Iphone Os, Tvos | 2019-12-20 | 4.3 MEDIUM | 3.3 LOW |
| A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in iOS 12.4, tvOS 12.4. A malicious application may be able to restrict access to websites. | |||||
| CVE-2019-8568 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-12-20 | 2.1 LOW | 5.5 MEDIUM |
| A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system. | |||||
| CVE-2019-8520 | 1 Apple | 1 Mac Os X | 2019-12-20 | 2.1 LOW | 5.5 MEDIUM |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to read restricted memory. | |||||
| CVE-2019-8649 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-12-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. | |||||
| CVE-2019-8690 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-12-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting. | |||||
| CVE-2019-8507 | 1 Apple | 1 Mac Os X | 2019-12-20 | 2.1 LOW | 5.5 MEDIUM |
| Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.4. Processing malicious data may lead to unexpected application termination. | |||||