CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 2CVE-2018-4367 – FaceTime - 'readSPSandGetDecoderParams' Stack Corruption
https://notcve.org/view.php?id=CVE-2018-4367
31 Oct 2018 — A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1. Un problema de corrupción de memoria se abordó con una validación de entradas mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1. iOS 12.1 is now available and addresses code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities. • https://packetstorm.news/files/id/150207 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-4390 – Apple Security Advisory 2018-10-30-1
https://notcve.org/view.php?id=CVE-2018-4390
31 Oct 2018 — An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofing. Se abordó un problema de interfaz de usuario inconsistente con una administración de estado mejorada. Este problema se corrigió en macOS High Sierra versión 10.13.1, Security Update 2017-001 Sierra y Secur... • https://support.apple.com/en-us/HT208221 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4355 – Apple Security Advisory 2018-10-30-9
https://notcve.org/view.php?id=CVE-2018-4355
31 Oct 2018 — A configuration issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14. Se abordó un problema de configuración con restricciones adicionales. Este problema afectaba a iOS en versiones anteriores a la 12 y macOS Mojave en versiones anteriores a la 10.14. macOS Mojave 10.14 addresses buffer overflow, code execution, denial of service, and information leakage vulnerabilities. • https://support.apple.com/kb/HT209106 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 2CVE-2018-4366 – FaceTime - 'VCPDecompressionDecodeFrame' Memory Corruption
https://notcve.org/view.php?id=CVE-2018-4366
31 Oct 2018 — A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1. Un problema de corrupción de memoria se abordó con una validación de entradas mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1. There is a heap corruption vulnerability in VCPDecompressionDecodeFrame which is called by FaceTime. • https://packetstorm.news/files/id/150208 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-4409 – Apple Security Advisory 2018-10-30-6
https://notcve.org/view.php?id=CVE-2018-4409
31 Oct 2018 — A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Un problema de agotamiento de recursos se abordó con una validación de entradas mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1, tvOS en versiones anteriores a la 12.1, Safari en versiones anteriores a la 12.0.1, iTunes en versiones anteriores a la 12.9.1 y iCloud para Windows en versiones anteriores ... • https://support.apple.com/kb/HT209192 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4126 – Apple macOS nsurlstoraged Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-4126
31 Oct 2018 — A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. El problema afectaba a iOS, en versiones anteriores a la 12; macOS Mojave, en versiones anteriores a la 10.14; tvOS, en versiones anteriores a la 12; watchOS, en versiones anteriores a la 5; iTunes para Windows, en version... • https://support.apple.com/kb/HT209106 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4332 – Apple Security Advisory 2018-10-30-11
https://notcve.org/view.php?id=CVE-2018-4332
31 Oct 2018 — A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. Este problema afectaba a iOS en versiones anteriores a la 12, macOS Mojave en versiones anteriores a la 10.14, tvOS en versiones anteriores a la 12 y watchOS en versiones anteriores a la 5. macOS Mojave 10.14 addresses buffer overflow, code execution, denial of service, ... • https://support.apple.com/kb/HT209106 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4392 – Apple Security Advisory 2018-10-30-6
https://notcve.org/view.php?id=CVE-2018-4392
31 Oct 2018 — Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1, tvOS en versiones anteriores a la 12.1, watchOS en versiones anteriores a la 5.1, Safari en versiones anteriores a la 12.0.1, iTunes en versiones ant... • https://support.apple.com/kb/HT209192 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4425 – Apple macOS NECP Control Socket Type Confusion Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-4425
31 Oct 2018 — A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. Este problema afectaba a iOS en versiones anteriores a la 12, macOS Mojave en versiones anteriores a la 10.14, tvOS en versiones anteriores a la 12 y watchOS en versiones anteriores a la 5. This vulnerability allows local attackers to execute escalate privileges on vulne... • https://support.apple.com/kb/HT209106 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2018-4374 – Apple Security Advisory 2018-10-30-6
https://notcve.org/view.php?id=CVE-2018-4374
31 Oct 2018 — A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Un problema de lógica se abordó con una validación mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1; watchOS en versiones anteriores a la 5.1; Safari en versiones anteriores a la 12.0.1; iTunes en versiones anteriores a la 12.9.1 y iCloud para Windows en versiones anteriores a la 7.8. iCloud for Windows 7.8 is now avail... • https://support.apple.com/kb/HT209192 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •