![]() ![]() This issue was addressed with improved state management.ĬVE-2019-8649: Sergei Glazunov of Google Project Zeroĭescription: A logic issue was addressed with improved state management.ĬVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative This issue was addressed with improved state management.ĬVE-2019-8690: Sergei Glazunov of Google Project Zeroĭescription: A logic issue existed in the handling of synchronous page loads. Impact: Processing maliciously crafted web content may lead to universal cross site scriptingĭescription: A logic issue existed in the handling of document loads. Impact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code executionĬVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative Impact: The encryption status of a Time Machine backup may be incorrectĬVE-2019-8667: Roland Kletzing of cyber:con GmbH Impact: Visiting a malicious website may lead to address bar spoofingĭescription: An inconsistent user interface issue was addressed with improved state management.ĬVE-2019-8670: Tsubasa FUJII for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6Īvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6ĬVE-2019-8701: Simon Rong and pjf of IceSword Lab of Qihoo 360 Impact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionaryĬVE-2019-8662: natashenka and Samuel Groß of Google Project Zero Impact: A remote attacker may be able to view sensitive informationĭescription: A stack overflow was addressed with improved input validation. Impact: An application may be able to execute arbitrary code with kernel privileges Impact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between servicesĭescription: This issue was addressed with improved checks to prevent unauthorized actions.ĬVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst Impact: A local user may be able to read a persistent account identifierĭescription: This issue was addressed with a new entitlement.ĬVE-2019-8702: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc. Impact: An application may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2019-8697: ccpwd working with Trend Micro’s Zero Day InitiativeĬVE-2019-8648: Tao Huang and Tielei Wang of Team Panguĭescription: This issue was addressed with improved checks.ĬVE-2019-8663: natashenka of Google Project Zero Impact: An attacker in a privileged network position may be able to execute arbitrary codeĭescription: A buffer overflow issue was addressed with improved memory handling.ĬVE-2019-8675: Stephan Zeisberg (/stze) of Security Research Labs ()ĬVE-2019-8696: Stephan Zeisberg (/stze) of Security Research Labs () ![]() Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code executionĬVE-2019-8660: Samuel Groß and natashenka of Google Project Zero Impact: A remote attacker may be able to leak memoryĭescription: An out-of-bounds read was addressed with improved input validation.ĬVE-2019-8646: natashenka of Google Project Zero The changes for this issue mitigate CVE-2020-10135.Įntry added August 13, 2019, updated June 25, 2020ĭescription: A use after free issue was addressed with improved memory management.ĬVE-2019-8661: natashenka of Google Project Zero Kasper Rasmussen of University of Oxford, England ![]() Nils Ole Tippenhauer of CISPA, Germany, and Prof. This issue was addressed with improved input validation.ĬVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)ĭescription: An input validation issue existed in Bluetooth. Impact: A remote attacker may be able to cause arbitrary code executionĭescription: A memory corruption issue was addressed with improved input validation. Impact: Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeperĭescription: This was addressed with additional checks by Gatekeeper on files mounted through a network share.Īvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5 Impact: An application may be able to read restricted memoryĭescription: A validation issue was addressed with improved input sanitization.Īvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.5, macOS High Sierra 10.13.6 ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |