CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4183
https://notcve.org/view.php?id=CVE-2018-4183
In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions. En macOS High Sierra en versiones anteriores a la 10.13.5, se abordó un problema de acceso con restricciones adicionales del sandbox. • https://bugzilla.redhat.com/show_bug.cgi?id=1607284 https://security.gentoo.org/glsa/201908-08 https://support.apple.com/HT208849 https://www.debian.org/security/2018/dsa-4243 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-4180 – cups: Local privilege escalation to root due to insecure environment variable handling
https://notcve.org/view.php?id=CVE-2018-4180
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. En macOS High Sierra en versiones anteriores a la 10.13.5, existía un problema en CUPS. Este problema se abordó mediante la mejora de las restricciones de acceso. It was discovered that CUPS allows non-root users to pass environment variables to CUPS backends. • https://lists.debian.org/debian-lts-announce/2018/07/msg00014.html https://security.gentoo.org/glsa/201908-08 https://support.apple.com/HT208849 https://usn.ubuntu.com/3713-1 https://www.debian.org/security/2018/dsa-4243 https://access.redhat.com/security/cve/CVE-2018-4180 https://bugzilla.redhat.com/show_bug.cgi?id=1607282 • CWE-642: External Control of Critical State Data •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4181 – cups: Manipulation of cupsd.conf by a local attacker resulting in limited reads of arbitrary files as root
https://notcve.org/view.php?id=CVE-2018-4181
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. En macOS High Sierra en versiones anteriores a la 10.13.5, existía un problema en CUPS. Este problema se abordó mediante la mejora de las restricciones de acceso. • https://lists.debian.org/debian-lts-announce/2018/07/msg00014.html https://security.gentoo.org/glsa/201908-08 https://support.apple.com/HT208849 https://usn.ubuntu.com/3713-1 https://www.debian.org/security/2018/dsa-4243 https://access.redhat.com/security/cve/CVE-2018-4181 https://bugzilla.redhat.com/show_bug.cgi?id=1607291 • CWE-266: Incorrect Privilege Assignment •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4178
https://notcve.org/view.php?id=CVE-2018-4178
A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue affected versions prior to macOS High Sierra 10.13.4. Existía un problema de permisos en el que se permitía la ejecución de permisos de manera incorrecta. Este problema se abordó con una validación de permisos mejorada. • https://support.apple.com/kb/HT208937 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4283 – Apple macOS IOGraphics IDState Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-4283
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6. Existía un problema de lectura fuera de límites que conducía a la divulgación de memoria del kernel. Este problema se abordó con una validación de entradas mejorada. • https://support.apple.com/kb/HT208937 • CWE-125: Out-of-bounds Read •