CVE-2019-8848

CVE-2019-8848 is an elevation-of-privilege issue in Apple CFNetwork Proxies (and related components) that could allow a local attacker to gain higher privileges. It is fixed by updates across macOS/macOS Catalina 10.15.2, Mojave Security Update 2019-002, High Sierra Security Update 2019-007, tvOS...

CVE-2019-8848

This issue was addressed with improved checks. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16...

CVE-2019-8836

CVE-2019-8836 is a memory corruption vulnerability reported by Apple, affecting Apple devices including iOS/iPadOS, watchOS, tvOS. The issue is fixed in iOS 13.3.1, iPadOS 13.3.1, watchOS 6.1.2, and tvOS 13.3.1. Apple’s security content lists CVE-2019-8836 under entries for components such as IOU...

CVE-2019-8836

A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges...

CVE-2019-8838

CVE-2019-8838 is a kernel memory corruption issue affecting Apple platforms. The vulnerability could allow an application to execute arbitrary code with kernel privileges. It is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra, tvOS 13.3, iOS ...

CVE-2019-8838

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code...

CVE-2019-8844

CVE-2019-8844 is a memory corruption issue reported across Apple/WebKit components. The connected advisory confirms the vulnerability was addressed in tvOS 13.3, iOS/iPadOS 13.3, watchOS 6.1.1, Safari 13.0.4, and related macOS/iCloud/iTunes releases, indicating improved memory handling fixed the ...

CVE-2019-8844

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may le...

CVE-2019-8841

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3. An application may be able to execute arbitrary code with kernel privileges...

CVE-2019-8841

CVE-2019-8841 (Apple iOS/iPadOS) affects the IOSurfaceAccelerator component in Apple devices. The root cause is described as the removal of vulnerable code that previously allowed kernel-privelleged execution, leading to a potential arbitrary code execution with kernel privileges. The vulnerabili...

CVE-2019-8833

A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary co...

CVE-2019-8833

CVE-2019-8833 affects Apple’s kernel component and describes a memory corruption vulnerability. The issue was mitigated by removing the vulnerable code and is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra, tvOS 13.3, iOS 13.3, and iPadOS 13...

CVE-2019-8832

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code...

CVE-2019-8835

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary...

CVE-2019-8835

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary...

CVE-2019-8835

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary...

CVE-2019-8834

The CVE-2019-8834 entry affects Apple’s CFNetwork (and related iCloud/WebKit contexts in Apple OS releases). Description: a configuration issue may allow an attacker in a privileged network position to bypass HSTS for a limited set of top‑level domains not previously in the HSTS preload list. Aff...

CVE-2019-8834

A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iClo...

CVE-2019-8828

CVE-2019-8828 is a memory-corruption vulnerability in Apple’s kernel components. Affected products/versions (per provided docs): iOS 13.3/iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra, tvOS 13.3. Root cause: memory corrup...

CVE-2019-8828

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code...