NVD disclosure day

Published threat advisories for December 18, 2019

CVE advisory • Known Exploit

CVE-2019-8605

Apple OS Vulnerability Allows Code Execution By Malicious Apps

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A memory management flaw in Apple operating systems could permit a malicious application to execute code with system privileges. This impacts the integrity and confidentiality of data, posing a business risk of system compromise and potential data breaches. Organizations should apply vendor updates to mitigate this ris

• CISA KEV

CVE advisory • Known Exploit

CVE-2019-8526

macOS Privilege Escalation Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A use-after-free flaw in macOS may allow an application to gain elevated privileges. This could impact system integrity and lead to unauthorized access. The risk is associated with local exploitation. The issue is addressed in macOS Mojave 10.14.4.

• CISA KEV

CVE advisory • Known Exploit

CVE-2019-8506

Apple Products Code Execution Vulnerability

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A type confusion vulnerability in certain Apple products allows for arbitrary code execution by processing maliciously crafted web content. This poses a risk to affected organizations, employees, and systems by potentially enabling attackers to gain control and compromise data. The business risk stems from unauthorized

• CISA KEV

CVE advisory • Known Exploit

CVE-2019-7287

iPhone OS Memory Corruption Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A memory corruption vulnerability in iOS may allow a malicious application to execute arbitrary code with kernel privileges. This presents a business risk by potentially compromising data confidentiality and integrity on affected devices. Organizations should apply vendor updates to mitigate this risk.

• CISA KEV

CVE advisory • Known Exploit

CVE-2019-7286

Apple Product Privilege Escalation Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A memory corruption flaw in Apple operating systems could allow an application to gain elevated privileges. This impacts system integrity and data confidentiality. The realistic business risk involves unauthorized access and control over affected systems.

• CISA KEV

CVE advisory • Known Exploit

CVE-2019-4716

IBM Planning Analytics: Unauthorized Access and Code Execution

Halo Surface Signal: 3 out of 5 — possibly public-facing.

IBM Planning Analytics can be exploited by unauthenticated users to gain administrative access and execute code as root or SYSTEM. This exposes affected organizations to business risk from unauthorized system control and potential data compromise.

• CISA KEV