Mac 10.14 61/14/2024 ![]() ![]() Impact: The encryption status of a Time Machine backup may be incorrectĬVE-2019-8667: Roland Kletzing of cyber:con GmbH ![]() Impact: Visiting a malicious website may lead to address bar spoofingĭescription: An inconsistent user interface issue was addressed with improved state management.ĬVE-2019-8670: Tsubasa FUJII for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6Īvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6ĬVE-2019-8701: Simon Rong and pjf of IceSword Lab of Qihoo 360 Impact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionaryĬVE-2019-8662: natashenka and Samuel Groß of Google Project Zero Impact: A remote attacker may be able to view sensitive informationĭescription: A stack overflow was addressed with improved input validation. Impact: An application may be able to execute arbitrary code with kernel privileges Impact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between servicesĭescription: This issue was addressed with improved checks to prevent unauthorized actions.ĬVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst Impact: A local user may be able to read a persistent account identifierĭescription: This issue was addressed with a new entitlement.ĬVE-2019-8702: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.ĬVE-2019-8695: riusksk of VulWar Corp working with Trend Micro's Zero Day InitiativeĪvailable for: macOS Mojave 10.14.5, macOS High Sierra 10.13.6ĬVE-2019-8691: Aleksandr Tarasikov Arash Tohidi of Solita, Lilang Wu and Moony Li of Trend Micro's Mobile Security Research Team working with Trend Micro's Zero Day InitiativeĬVE-2019-8692: Lilang Wu and Moony Li of Trend Micro Mobile Security Research Team working with Trend Micro's Zero Day Initiative Impact: An application may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2019-8697: ccpwd working with Trend Micro’s Zero Day InitiativeĬVE-2019-8648: Tao Huang and Tielei Wang of Team Panguĭescription: This issue was addressed with improved checks.ĬVE-2019-8663: natashenka of Google Project Zero Impact: A malicious application may be able to execute arbitrary code with system privilegesĭescription: A memory initialization issue was addressed with improved memory handling.ĬVE-2019-8539: ccpwd working with Trend Micro's Zero Day Initiative Impact: An attacker in a privileged network position may be able to execute arbitrary codeĭescription: A buffer overflow issue was addressed with improved memory handling.ĬVE-2019-8675: Stephan Zeisberg (/stze) of Security Research Labs ()ĬVE-2019-8696: Stephan Zeisberg (/stze) of Security Research Labs ()Įntry added August 14, 2019, updated September 17, 2019 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code executionĬVE-2019-8660: Samuel Groß and natashenka of Google Project Zero Impact: A remote attacker may be able to leak memoryĭescription: An out-of-bounds read was addressed with improved input validation.ĬVE-2019-8646: natashenka of Google Project Zero The changes for this issue mitigate CVE-2020-10135.Įntry added August 13, 2019, updated June 25, 2020ĭescription: A use after free issue was addressed with improved memory management.ĬVE-2019-8661: natashenka of Google Project Zero Kasper Rasmussen of University of Oxford, England Nils Ole Tippenhauer of CISPA, Germany, and Prof. This issue was addressed with improved input validation.ĬVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)ĭescription: An input validation issue existed in Bluetooth. Impact: A remote attacker may be able to cause arbitrary code executionĭescription: A memory corruption issue was addressed with improved input validation. Impact: Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeperĭescription: This was addressed with additional checks by Gatekeeper on files mounted through a network share.Īvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5 Impact: An application may be able to read restricted memoryĭescription: A validation issue was addressed with improved input sanitization.Īvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.5, macOS High Sierra 10.13.6 ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |