CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4642
https://notcve.org/view.php?id=CVE-2016-4642
11 Jan 2019 — In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings. En iOS en versiones anteriores a la 9.3.3, tvOS en versiones anteriores a la 9.2.2 y OS X El Capitan en versiones anteriores a la v10.11.6 y la actualización de seguridad (Security Update) 2016-004, la autenticación por proxy reportó incorrectamente los proxies HTTP q... • https://support.apple.com/HT206902 • CWE-254: 7PK - Security Features •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-4147
https://notcve.org/view.php?id=CVE-2018-4147
11 Jan 2019 — In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling. En iCloud para Windows en versiones anteriores a la 7.3, Safari en versiones anteriores a la 11.0.3, iTunes en versiones anteriores a la 12.7.3 para Windows e iOS en versiones anteriores a la 11.2.5, existen múltiples corrupciones de memoria y fueron abordadas mediante la mejora de la gestión de memoria. • https://support.apple.com/HT208463 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-4194
https://notcve.org/view.php?id=CVE-2018-4194
11 Jan 2019 — In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. En iOS en versiones anteriores a la 11.4, iCloud para Windows en versiones anteriores a la 7.5, watchOS en versiones anteriores a la 4.3.1, iTunes en versiones anteriores a la 12.7.5 para Windows y macOS High Sierra en versiones anteriores a la 10.13.5, se abordó una lectura fuera de límites con la... • https://support.apple.com/HT208848 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4644
https://notcve.org/view.php?id=CVE-2016-4644
11 Jan 2019 — In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials. En iOS en versiones anteriores a la 9.3.3, tvOS en versiones anteriores a la 9.2.2 y OS X El Capitan en versiones anteriores a la v10.11.6 y la actualización de seguridad (Security Update) 2016-004, existía un problema de degradación con las... • https://support.apple.com/HT206902 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2411
https://notcve.org/view.php?id=CVE-2017-2411
11 Jan 2019 — In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates. En iOS en versiones anteriores a la 11.2, los tipos de cambio se recuperaron de HTTP en lugar de HTTPS. Esto se abordó habilitando HTTPS para los tipos de cambio. • https://support.apple.com/HT208334 • CWE-254: 7PK - Security Features •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13891
https://notcve.org/view.php?id=CVE-2017-13891
11 Jan 2019 — In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management. En iOS en versiones anteriores a la 11.2, se abordó un problema de interfaz de usuario inconsistente mediante la mejora de la gestión de estados. • https://support.apple.com/HT208334 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4189
https://notcve.org/view.php?id=CVE-2018-4189
11 Jan 2019 — In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling. En iOS en versiones anteriores a la 11.2.5, macOS High Sierra en versiones anteriores a la 10.13.3, las actualizaciones de seguridad (Security Update) 2018-001 Sierra y 2018-001 El Capitan, watchOS en versiones anteriores a la 4.2.2 y tvOS en versiones a... • https://support.apple.com/HT208462 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13888
https://notcve.org/view.php?id=CVE-2017-13888
11 Jan 2019 — In iOS before 11.2, a type confusion issue was addressed with improved memory handling. En iOS en versiones anteriores a la 11.2, se abordó un problema de confusión de tipos con la mejora de la gestión de memoria. • https://support.apple.com/HT208334 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4445 – Apple Security Advisory 2018-12-05-4
https://notcve.org/view.php?id=CVE-2018-4445
06 Dec 2018 — "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2. >"Clear History and Website Data" no limpió el historial. Este problema se abordó con una supresión de datos mejorada. • https://support.apple.com/kb/HT209340 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4446 – Apple Security Advisory 2018-12-05-1
https://notcve.org/view.php?id=CVE-2018-4446
06 Dec 2018 — This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.1.1. Este problema se abordó con autorizaciones mejoradas. Este problema afectaba a iOS en versiones anteriores a la 12.1.1. iOS 12.1.1 is now available and addresses code execution and denial of service vulnerabilities. • https://support.apple.com/kb/HT209340 • CWE-20: Improper Input Validation •