CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2018-4435 – Apple macOS shm Uninitialized Data Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-4435
A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. Se abordó un problema de lógica con restricciones mejoradas. Este problema afectaba a iOS en versiones anteriores a la 12.1.1; macOS Mojave en versiones anteriores a la 10.14.2; tvOS en versiones anteriores a la 12.1.1 y watchOS en versiones anteriores a la 5.1.2. This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. • https://www.exploit-db.com/exploits/45960 https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209341 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-4303
https://notcve.org/view.php?id=CVE-2018-4303
An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14, iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. Un problema de validación de entradas se abordó con una validación de entradas mejorada. Este problema afectaba a macOS Mojave en versiones anteriores a la 10.14, iOS en versiones anteriores a la 12.1.1, macOS Mojave en versiones anteriores a la 10.14.2, tvOS en versiones anteriores a la 12.1.1 y watchOS en versiones anteriores a la 5.1.2. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209341 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4450
https://notcve.org/view.php?id=CVE-2018-4450
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. Este problema afectaba a macOS Mojave en versiones anteriores a la 10.14.2. • https://support.apple.com/kb/HT209341 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4427
https://notcve.org/view.php?id=CVE-2018-4427
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to: iOS 12.1, watchOS 5.1.2, tvOS 12.1.1, macOS High Sierra 10.13.6 Security Update 2018-003 High Sierra, macOS Sierra 10.12.6 Security Update 2018-006. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1; watchOS en versiones anteriores a la 5.1.2; tvOS en versiones anteriores a la 12.1.1; macOS High Sierra en versiones anteriores a la 10.13.6 con la actualización de seguridad 2018-003 High Sierra; y macOS Sierra en versiones anteriores a la 10.12.6 con la actualización seguridad 2018-006. • https://support.apple.com/kb/HT209192 https://support.apple.com/kb/HT209341 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 30EXPL: 0CVE-2018-18311 – perl: Integer overflow leading to buffer overflow in Perl_my_setenv()
https://notcve.org/view.php?id=CVE-2018-18311
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. Perl, en versiones anteriores a la 5.26.3 y versiones 5.28.0.x anteriores a la 5.28.1, tiene un desbordamiento de búfer mediante una expresión regular manipulada que desencadena operaciones inválidas de escritura. • http://seclists.org/fulldisclosure/2019/Mar/49 http://www.securityfocus.com/bid/106145 http://www.securitytracker.com/id/1042181 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2019:0001 https://access.redhat.com/errata/RHSA-2019:0010 https://access.redhat.com/errata/RHSA-2019:0109 https://access.redhat.com/errata/RHSA-2019:1790 https://access.redhat.com/errata/RHSA-2019:1942 https://access.redhat.com/errata/RHSA-2019:2400 https:&#x • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •