CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4388
https://notcve.org/view.php?id=CVE-2018-4388
31 Oct 2018 — A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.1. Un problema de pantalla de bloqueo permitía el acceso a la función "share" en un dispositivo bloqueado. El problema se abordó restringiendo las opciones que se ofrecían en el dispositivo bloqueado. • https://support.apple.com/kb/HT209192 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-4390
https://notcve.org/view.php?id=CVE-2018-4390
31 Oct 2018 — An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofing. Se abordó un problema de interfaz de usuario inconsistente con una administración de estado mejorada. Este problema se corrigió en macOS High Sierra versión 10.13.1, Security Update 2017-001 Sierra y Secur... • https://support.apple.com/en-us/HT208221 •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-4409
https://notcve.org/view.php?id=CVE-2018-4409
31 Oct 2018 — A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Un problema de agotamiento de recursos se abordó con una validación de entradas mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1, tvOS en versiones anteriores a la 12.1, Safari en versiones anteriores a la 12.0.1, iTunes en versiones anteriores a la 12.9.1 y iCloud para Windows en versiones anteriores ... • https://support.apple.com/kb/HT209192 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4368
https://notcve.org/view.php?id=CVE-2018-4368
31 Oct 2018 — A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1. Un problema de denegación de servicio (DoS) se abordó con una validación mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1, macOS Mojave en versiones anteriores a la 10.14.1, tvOS en versiones anteriores a la 12.1 y watchOS en versiones anteriores a la 5.1. • https://support.apple.com/kb/HT209192 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2018-4366 – FaceTime - 'VCPDecompressionDecodeFrame' Memory Corruption
https://notcve.org/view.php?id=CVE-2018-4366
31 Oct 2018 — A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1. Un problema de corrupción de memoria se abordó con una validación de entradas mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1. There is a heap corruption vulnerability in VCPDecompressionDecodeFrame which is called by FaceTime. • https://www.exploit-db.com/exploits/45788 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2018-4367 – FaceTime - 'readSPSandGetDecoderParams' Stack Corruption
https://notcve.org/view.php?id=CVE-2018-4367
31 Oct 2018 — A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1. Un problema de corrupción de memoria se abordó con una validación de entradas mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1. FaceTime suffers from a stack corruption vulnerability in readSPSandGetDecoderParams. • https://www.exploit-db.com/exploits/45787 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2018-4377
https://notcve.org/view.php?id=CVE-2018-4377
31 Oct 2018 — A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Existía un problema de cross-Site Scripting (XSS) en Safari. Este problema se abordó con una validación de URL mejorada. • https://support.apple.com/kb/HT209192 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4372
https://notcve.org/view.php?id=CVE-2018-4372
31 Oct 2018 — Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1; tvOS en versiones anteriores a la 12.1; watchOS en versiones anteriores a la 5.1; Safari en versiones anteriores a la 12.0.1; iTunes en versiones ant... • https://support.apple.com/kb/HT209192 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4398
https://notcve.org/view.php?id=CVE-2018-4398
31 Oct 2018 — An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8. Existía un problema en la manera en la que se determinaban los número primos. Este problema se abordó utilizando bases pseudoaleatorias para realizar pruebas de número primos. • https://support.apple.com/kb/HT209192 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-4376 – Apple Safari RenderCounter Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-4376
31 Oct 2018 — Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1, watchOS en versiones anteriores a la 5.1, Safari en versiones anteriores a la 12.0.1, iTunes en versiones anteriores a la 12.9.1 y iCloud para Windows en versio... • https://support.apple.com/kb/HT209192 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •