Lilang Wu

**Nome do software vulnerável e versões afetadas** Driver de CD-ROM do Windows (versões afetadas não especificadas) **Descrição** O problema está relacionado ao gerenciamento inseguro de privilégios no driver de CD-ROM do Windows, o que pode ser explorado para elevar privilégios. Isso permite que um invasor comprometa o sistema. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Versões do macOS anteriores à 10.15.6 **Descrição** Um problema de corrupção de memória foi corrigido com uma validação de entrada aprimorada, permitindo que um aplicativo pudesse executar código arbitrário com privilégios de kernel. **Recomendações** Para versões anteriores à 10.15.6, atualize para o macOS Catalina 10.15.6 para resolver o problema.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.15 **Description** A memory corruption issue was addressed with improved memory handling, allowing an application to potentially execute arbitrary code with system privileges. **Recommendations** For versions prior to 10.15, update to macOS Catalina 10.15 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.15 **Description** A memory corruption issue was addressed with improved memory handling, allowing an application to potentially execute arbitrary code with kernel privileges. **Recommendations** For versions prior to 10.15, update to macOS Catalina 10.15 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple macOS versions prior to 10.15 **Description** A logic issue was addressed with improved restrictions, which may allow a malicious application to determine kernel memory layout. **Recommendations** For versions prior to 10.15, update to macOS Catalina 10.15 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.14.6 **Description** A validation issue was addressed with improved input sanitization, allowing an application to potentially read restricted memory. **Recommendations** For versions prior to 10.14.6, update to macOS Mojave 10.14.6 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple macOS versions prior to 10.14.6 **Description** A validation issue was addressed with improved input sanitization, allowing an application to potentially read restricted memory. **Recommendations** For versions prior to 10.14.6, update to macOS Mojave 10.14.6 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.14.5 **Description** A memory corruption issue was addressed with improved memory handling, allowing an application to potentially execute arbitrary code with system privileges. The issue is related to a double free privilege escalation vulnerability in the AMDRadeonX4000 AMDSIGLContext, specifically with the discard StretchTex2Tex function. **Recommendations** For versions prior to 10.14.5, update to macOS Mojave 10.14.5 to resolve the issue. As a temporary workaround, consider restricting access to the AMDRadeonX4000 AMDSIGLContext module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.14.5 **Description** A memory corruption issue was addressed with improved memory handling, allowing an application to potentially execute arbitrary code with system privileges. The issue is related to an untrusted pointer dereference privilege escalation. **Recommendations** For versions prior to 10.14.5, update to macOS Mojave 10.14.5 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.14.4 **Description** The issue involves an out-of-bounds read that can be addressed with improved bounds checking. This allows an application to potentially read restricted memory, which could lead to information disclosure. **Recommendations** For versions prior to 10.14.4, update to macOS Mojave 10.14.4 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.14.2 **Description** A validation issue was addressed with improved input sanitization. **Recommendations** For versions prior to 10.14.2, update to macOS Mojave 10.14.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 10.2 watchOS versions prior to 3.1.1 **Description** The issue involves the `Accounts` component, which allows local users to bypass intended authorization restrictions. This is achieved by leveraging the mishandling of an app uninstall, effectively exploiting errors in the authorization procedure. **Recommendations** For iOS versions prior to 10.2, update to version 10.2 or later to resolve the issue. For watchOS versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue.