Buffer overflow

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges...

Cross site scripting

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory...

Buffer overflow

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution...

Design/Logic Flaw

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory...

Buffer overflow

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges...

CVE-2019-8745

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution...

CVE-2019-8576

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to cause unexpected system termination or read kernel memory...

CVE-2019-8576

CVE-2019-8576 is an out-of-bounds read in Apple’s Kernel component. A local user could cause system termination or read kernel memory. Fixes were issued in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, and watchOS 5.2.1 per Apple advisories; related CVE entries and vendor advisories confirm the kern...

CVE-2019-8560

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to read restricted memory...

CVE-2019-8542

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges...

CVE-2019-8519

CVE-2019-8519 is an out-of-bounds read vulnerability in macOS components that was mitigated by improved bounds checking. The issue could allow an application to read restricted memory and is addressed in macOS Mojave 10.14.4. Public references in the connected data confirm the root cause as an ou...

CVE-2019-8508

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges...

CVE-2019-8508

CVE-2019-8508 describes a kernel-level buffer overflow vulnerability where mounting a maliciously crafted NFS network share could lead to arbitrary code execution with kernel/system privileges. The issue is addressed bymacOS Mojave 10.14.4 via improved bounds checking in the kernel path handling ...

CVE-2019-8520

CVE-2019-8520 is an out-of-bounds read vulnerability in macOS that was addressed by improved bounds checking. The issue could allow a malicious application to read restricted memory and is fixed in macOS Mojave 10.14.4 (Security Update). The available sources consistently describe the fix as part...

CVE-2019-8517

CVE-2019-8517 is an out-of-bounds read in Apple’s TrueTypeScaler/font processing component. Affects iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, and watchOS 5.2. Exploitation could lead to disclosure of process memory. The vulnerability is addressed by the listed fixed OS versions; no exploit detai...

The vulnerability of the CGI processor (wlg_adv.cgi) in Netgear Nighthawk’s embedded software allows a hacker to execute arbitrary commands.

The vulnerability of the CGI processor wlgadv.cgi in Netgear Nighthawk router’s embedded software is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

About the security content of Xcode 11.3

About the security content of Xcode 11.3 This document describes the security content of Xcode 11.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

Fedora 30 : xen (2019-cbb732f760)

add missing XSA-299 patches x86: Machine Check Error on Page Size Change DoS XSA-304, CVE-2018-12207 TSX Asynchronous Abort speculative side channel XSA-305, CVE-2019-11135 ---- VCPUOPinitialise DoS XSA-296, CVE-2019-18420 missing descriptor table limit checking in x86 PV emulation XSA-298,...

Security Bulletin: IBM® Db2® is vulnerable to a buffer overflow which could allow a local malicious user to execute arbitrary code (CVE-2018-1936).

Summary Db2 is vulnerable to a buffer overflow which could allow a local malicious user to execute arbitrary code as root. Vulnerability Details CVEID: CVE-2018-1936 DESCRIPTION: IBM DB2 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could...

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...