CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4225
https://notcve.org/view.php?id=CVE-2018-4225
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on Keychain state modifications. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.4, las versiones de macOS anteriores a la 10.13.5, las versiones de iCloud anteriores a la 7.5 en Windows, las versiones de iTunes anteriores a la 12.7.5 en Windows y las versiones de watchOS anteriores a la 4.3.1. • http://www.securityfocus.com/bid/104889 http://www.securitytracker.com/id/1041027 https://support.apple.com/HT208848 https://support.apple.com/HT208849 https://support.apple.com/HT208851 https://support.apple.com/HT208852 https://support.apple.com/HT208853 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 2CVE-2018-4193 – Apple macOS WindowServer XRegisterForKey Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-4193
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.5 se han visto afectadas. • https://www.exploit-db.com/exploits/46428 https://github.com/Synacktiv-contrib/CVE-2018-4193 http://www.securityfocus.com/bid/107135 http://www.securitytracker.com/id/1041027 https://support.apple.com/HT208849 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4226
https://notcve.org/view.php?id=CVE-2018-4226
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of sensitive user information. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.4, las versiones de macOS anteriores a la 10.13.5, las versiones de iCloud anteriores a la 7.5 en Windows, las versiones de iTunes anteriores a la 12.7.5 en Windows y las versiones de watchOS anteriores a la 4.3.1. • http://www.securityfocus.com/bid/104888 http://www.securitytracker.com/id/1041027 https://support.apple.com/HT208848 https://support.apple.com/HT208849 https://support.apple.com/HT208851 https://support.apple.com/HT208852 https://support.apple.com/HT208853 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2018-4242
https://notcve.org/view.php?id=CVE-2018-4242
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Hypervisor" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.5 se han visto afectadas. • https://github.com/yeonnic/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation- http://www.securitytracker.com/id/1041027 http://www.securitytracker.com/id/1042004 https://support.apple.com/HT208849 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4171
https://notcve.org/view.php?id=CVE-2018-4171
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app that leverages device properties. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.5 se han visto afectadas. • http://www.securitytracker.com/id/1041027 https://support.apple.com/HT208849 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •