Apple Macos Catalina vulnerabilities

CVE-2019-8781 [HIGH] CVE-2019-8781: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8781 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management.

CVE-2019-8825 [HIGH] CVE-2019-8825: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8825 Component: CoreMedia Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management.

CVE-2019-8592 [HIGH] CVE-2019-8592: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8592 Component: CoreAudio Impact: Playing a malicious audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2019-11042 [HIGH] CVE-2019-11042: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-11042 Component: CVE-2019-11042

CVE-2019-8831 [HIGH] CVE-2019-8831: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8831 Component: UIFoundation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2019-8741 [HIGH] CVE-2019-8741: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8741 Component: CoreCrypto Impact: Processing a large input may lead to a denial of service Description: A denial of service issue was addressed with improved input validation.

CVE-2018-12152 [HIGH] CVE-2018-12152: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2018-12152 Component: Graphics Impact: Processing a malicious shader may result in unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation.

CVE-2019-8759 [HIGH] CVE-2019-8759: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8759 Component: IOGraphics Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2019-8854 [HIGH] CVE-2019-8854: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8854 Component: Wi-Fi Impact: A device may be passively tracked by its Wi-Fi MAC address Description: A user privacy issue was addressed by removing the broadcast MAC address.

CVE-2019-8744 [MEDIUM] CVE-2019-8744: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8744 Component: Kernel Impact: A malicious application may be able to determine kernel memory layout Description: A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management.

CVE-2019-8708 [MEDIUM] CVE-2019-8708: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8708 Component: PluginKit Impact: A local user may be able to check for the existence of arbitrary files Description: A logic issue was addressed with improved restrictions.

CVE-2019-8855 [MEDIUM] CVE-2019-8855: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8855 Component: Sandbox Impact: A malicious application may be able to access restricted files Description: An access issue was addressed with additional sandbox restrictions.

CVE-2019-8769 [MEDIUM] CVE-2019-8769: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8769 Component: WebKit Impact: Visiting a maliciously crafted website may reveal browsing history Description: An issue existed in the drawing of web page elements. The issue was addressed with improved logic.

CVE-2018-12153 [MEDIUM] CVE-2018-12153: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2018-12153 Component: Graphics Impact: Processing a malicious shader may result in unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation.

CVE-2019-8737 [MEDIUM] CVE-2019-8737: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8737 Component: CUPS Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation.

CVE-2019-8753 [MEDIUM] CVE-2019-8753: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8753 Component: CFNetwork Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: This issue was addressed with improved checks.

CVE-2018-12154 [MEDIUM] CVE-2018-12154: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2018-12154 Component: Graphics Impact: Processing a malicious shader may result in unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation.

CVE-2019-8736 [MEDIUM] CVE-2019-8736: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8736 Component: CUPS Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An input validation issue was addressed with improved input validation.

CVE-2019-8850 [MEDIUM] CVE-2019-8850: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8850 Component: Audio Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2019-8770 [MEDIUM] CVE-2019-8770: macOS Catalina 10.15 Apple Security Update: About the security content of macOS Catalina 10.15 Product: macOS Catalina Version: 10.15 CVE: CVE-2019-8770 Component: SharedFileList Impact: A malicious application may be able to access recent documents Description: The issue was addressed with improved permissions logic.