CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2018-4150
https://notcve.org/view.php?id=CVE-2018-4150
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3, las versiones de macOS anteriores a la 10.13.4, las versiones de tvOS anteriores a la 11.3 y las versiones de watchOS anteriores a la 4.3 se han visto afectadas. • https://github.com/Jailbreaks/CVE-2018-4150 https://github.com/littlelailo/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc- http://www.securitytracker.com/id/1040604 http://www.securitytracker.com/id/1040608 https://support.apple.com/HT208692 https://support.apple.com/HT208693 https://support.apple.com/HT208696 https://support.apple.com/HT208698 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4115
https://notcve.org/view.php?id=CVE-2018-4115
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the "System Preferences" component. It allows attackers to bypass intended access restrictions by leveraging incorrect configuration-profile persistence. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3, las versiones de macOS anteriores a la 10.13.4, las versiones de tvOS anteriores a la 11.3 y las versiones de watchOS anteriores a la 4.3 se han visto afectadas. • http://www.securitytracker.com/id/1040604 http://www.securitytracker.com/id/1040608 https://support.apple.com/HT208692 https://support.apple.com/HT208693 https://support.apple.com/HT208696 https://support.apple.com/HT208698 • CWE-281: Improper Preservation of Permissions •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4131
https://notcve.org/view.php?id=CVE-2018-4131
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log keystrokes of arbitrary apps, via a crafted app that scans key states. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11,3 y las versiones de macOS anteriores a la 10.13. • http://www.securityfocus.com/bid/103581 http://www.securitytracker.com/id/1040604 http://www.securitytracker.com/id/1040608 https://support.apple.com/HT208692 https://support.apple.com/HT208693 https://twitter.com/boastr_net/status/979624397664333824 •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2018-4124
https://notcve.org/view.php?id=CVE-2018-4124
An issue was discovered in certain Apple products. iOS before 11.2.6 is affected. macOS before 10.13.3 Supplemental Update is affected. tvOS before 11.2.6 is affected. watchOS before 4.2.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a crafted string containing a certain Telugu character. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.2.6, las versiones de macOS anteriores a la 10.13.3 Supplemental Update, las versiones de tvOS anteriores a la 11.2.6 y las versiones de watchOS anteriores a la 4.2.3 se han visto afectadas. • http://www.securitytracker.com/id/1040396 https://nakedsecurity.sophos.com/2018/02/20/apple-fixes-that-1-character-to-crash-your-mac-and-iphone-bug https://support.apple.com/HT208534 https://support.apple.com/HT208535 https://support.apple.com/HT208536 https://support.apple.com/HT208537 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2018-4083 – macOS Kernel - Use-After-Free Due to Lack of Locking in 'AppleEmbeddedOSSupportHostClient::registerNotificationPort'
https://notcve.org/view.php?id=CVE-2018-4083
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Touch Bar Support" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.3 se han visto afectadas. • https://www.exploit-db.com/exploits/44007 https://support.apple.com/HT208465 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •