Apple macOS vulnerabilities

CVE-2019-8669 [HIGH] CWE-787 CVE-2019-8669: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8672 [HIGH] CWE-787 CVE-2019-8672: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8802 [HIGH] CWE-20 CVE-2019-8802: A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15.1. A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15.1. A malicious application may be able to gain root privileges.

CVE-2019-8644 [HIGH] CWE-416 CVE-2019-8644: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8513 [HIGH] CWE-78 CVE-2019-8513: This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands.

CVE-2019-8695 [HIGH] CWE-787 CVE-2019-8695: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges.

CVE-2019-8619 [HIGH] CWE-787 CVE-2019-8619: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8508 [HIGH] CWE-120 CVE-2019-8508: A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 1 A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges.

CVE-2019-8606 [HIGH] CWE-362 CVE-2019-8606: A validation issue existed in the handling of symlinks. This issue was addressed with improved valid A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.5. A local user may be able to load unsigned kernel extensions.

CVE-2019-8587 [HIGH] CWE-129 CVE-2019-8587: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8584 [HIGH] CWE-416 CVE-2019-8584: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8586 [HIGH] CWE-787 CVE-2019-8586: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8666 [HIGH] CWE-787 CVE-2019-8666: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8561 [HIGH] CWE-20 CVE-2019-8561: A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4. A A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to elevate privileges.

CVE-2019-8679 [HIGH] CWE-787 CVE-2019-8679: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2019-8533 [HIGH] CWE-287 CVE-2019-8533: A lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave A lock handling issue was addressed with improved lock handling. This issue is fixed in macOS Mojave 10.14.4. A Mac may not lock when disconnecting from an external monitor.

CVE-2019-8616 [HIGH] CWE-787 CVE-2019-8616: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges.

CVE-2019-8511 [HIGH] CWE-120 CVE-2019-8511: A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges.

CVE-2019-6239 [HIGH] CVE-2019-6239: This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Mojav This issue was addressed with improved handling of file metadata. This issue is fixed in macOS Mojave 10.14.4. A malicious application may bypass Gatekeeper checks.

CVE-2019-8697 [HIGH] CWE-787 CVE-2019-8697: A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with system privileges.