U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-004:*:*:*:*:*:*
  • CPE Name Search: true
There are 1,612 matching records.
Displaying matches 161 through 180.
Vuln ID Summary CVSS Severity
CVE-2019-8640

A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra. A sandboxed process may be able to circumvent sandbox restrictions.

Published: October 27, 2020; 4:15:16 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-8633

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3, watchOS 5.3. An application may be able to read restricted memory.

Published: October 27, 2020; 4:15:16 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-8631

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3. Users removed from an iMessage conversation may still be able to alter state.

Published: October 27, 2020; 4:15:16 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-8618

A logic issue was addressed with improved restrictions. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A sandboxed process may be able to circumvent sandbox restrictions.

Published: October 27, 2020; 4:15:16 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-8612

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, tvOS 12.3, watchOS 5.2.1, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. An attacker in a privileged network position can modify driver state.

Published: October 27, 2020; 4:15:16 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2019-8592

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, tvOS 12.3, watchOS 5.2.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, iOS 13. Playing a malicious audio file may lead to arbitrary code execution.

Published: October 27, 2020; 4:15:16 PM -0400
V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-8582

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may result in the disclosure of process memory.

Published: October 27, 2020; 4:15:15 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-8579

An input validation issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An application may be able to gain elevated privileges.

Published: October 27, 2020; 4:15:15 PM -0400
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2019-8573

An input validation issue was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause a system denial of service.

Published: October 27, 2020; 4:15:15 PM -0400
V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2019-8569

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An application may be able to execute arbitrary code with system privileges.

Published: October 27, 2020; 4:15:15 PM -0400
V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2019-8564

A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.

Published: October 27, 2020; 4:15:15 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-8547

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A remote attacker may be able to leak memory.

Published: October 27, 2020; 4:15:15 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2019-8528

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.

Published: October 27, 2020; 4:15:14 PM -0400
V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2019-8525

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.

Published: October 27, 2020; 4:15:14 PM -0400
V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2019-8509

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A malicious application may be able to elevate privileges.

Published: October 27, 2020; 4:15:14 PM -0400
V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-7288

The issue was addressed with improved validation on the FaceTime server. This issue is fixed in macOS Mojave 10.14.3 Supplemental Update, iOS 12.1.4. A thorough security audit of the FaceTime service uncovered an issue with Live Photos .

Published: October 27, 2020; 4:15:14 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2019-6238

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted package may lead to arbitrary code execution.

Published: October 27, 2020; 4:15:14 PM -0400
V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-4467

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra. A malicious application may be able to elevate privileges.

Published: October 27, 2020; 4:15:14 PM -0400
V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-4452

A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra. A malicious application may be able to execute arbitrary code with system privileges.

Published: October 27, 2020; 4:15:13 PM -0400
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2018-4451

This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation.

Published: October 27, 2020; 4:15:13 PM -0400
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH