Apple » Mac Os X » 10.14.6 security_update_2019-002 : Security Vulnerabilities, CVEs,
The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2020-01-20
The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2023-08-16
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2023-08-16
The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2020-01-20
The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2023-08-16
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2020-01-20
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2020-01-20
The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2023-08-16
The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2023-08-16
The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2020-01-20
The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().
Max CVSS
7.0
EPSS Score
0.21%
Published
2019-10-03
Updated
2023-08-16
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2023-08-16
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2020-01-20
The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2023-08-16
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2020-01-20
The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2020-01-20
The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2023-08-16
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2020-01-20
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.
Max CVSS
7.5
EPSS Score
0.33%
Published
2019-10-03
Updated
2020-01-20
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A malicious application may be able to elevate privileges.
Max CVSS
7.8
EPSS Score
0.07%
Published
2020-10-27
Updated
2020-10-30
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, tvOS 12.3, watchOS 5.2.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, iOS 13. Playing a malicious audio file may lead to arbitrary code execution.
Max CVSS
7.8
EPSS Score
0.17%
Published
2020-10-27
Updated
2021-07-21
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges.
Max CVSS
7.8
EPSS Score
0.04%
Published
2019-12-18
Updated
2021-07-21
This issue was addressed with improved entitlements. This issue is fixed in watchOS 6, tvOS 13, macOS Catalina 10.15, iOS 13. An application may be able to gain elevated privileges.
Max CVSS
9.8
EPSS Score
0.23%
Published
2021-12-23
Updated
2022-01-04
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15, tvOS 13. Processing a maliciously crafted movie may result in the disclosure of process memory.
Max CVSS
5.5
EPSS Score
0.07%
Published
2019-12-18
Updated
2022-01-01
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may lead to arbitrary code execution.
Max CVSS
7.8
EPSS Score
0.14%
Published
2020-10-27
Updated
2021-07-21