CVSS: 8.8EPSS: 41%CPEs: 6EXPL: 2CVE-2018-4314 – WebKit - 'WebCore::SVGAnimateElementBase::resetAnimatedType' Use-After-Free
https://notcve.org/view.php?id=CVE-2018-4314
25 Sep 2018 — A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Se abordó un problema de uso de memoria previamente liberada con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12, tvOS en versiones anteriores a la 12, Safari en versiones anteriores a la 12, iTunes para Windows en versiones anteriores a la 12.9 y iCloud para Windows en versiones an... • https://packetstorm.news/files/id/149550 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2018-4299 – Apple Safari performProxyCall Internal Object Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-4299
24 Sep 2018 — Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12, tvOS en versiones anteriores a la 12, watchOS en versiones anteriores a la 5, Safari en versiones anteriores a la 12, iTunes para Windows en versiones ... • https://support.apple.com/kb/HT209106 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0CVE-2018-4358 – Apple Safari Array Concat Uninitialized Buffer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-4358
24 Sep 2018 — Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12, tvOS en versiones anteriores a la 12, watchOS en versiones anteriores a la 5, Safari en versiones anteriores a la 12, iTunes para Windows en versiones ... • https://support.apple.com/kb/HT209106 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2018-4309 – Apple Safari Subframe Same-Origin Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2018-4309
24 Sep 2018 — A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Existía un problema de Cross-Site Scripting (XSS) en Safari. Este problema se abordó con una validación de URL mejorada. • https://support.apple.com/kb/HT209106 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4329 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4329
17 Sep 2018 — Clearing a history item may not clear visits with redirect chains. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12, Safari 12. Limpiar un elemento del historial podría no limpiar las visitas con cadenas de redirección. Este problema se abordó con una supresión de datos mejorada. • https://support.apple.com/kb/HT209106 • CWE-19: Data Processing Errors •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4356 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4356
17 Sep 2018 — A permissions issue existed. This issue was addressed with improved permission validation. This issue affected versions prior to iOS 12. Existía un problema de permisos. Este problema se abordó con una validación de permisos mejorada. • https://support.apple.com/kb/HT209106 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-4313 – Apple Security Advisory 2018-10-30-11
https://notcve.org/view.php?id=CVE-2018-4313
17 Sep 2018 — A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. Existía un problema de consistencia en la gestión de las instantáneas de aplicación. El problema se abordó con una gestión de borrado de mensajes mejorada. • https://support.apple.com/kb/HT209106 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4335 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4335
17 Sep 2018 — A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12. Un problema de validación se abordó con un saneamiento de entradas mejorado. Este problema afectaba a iOS en versiones anteriores a la 12. APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities. • https://support.apple.com/kb/HT209106 • CWE-20: Improper Input Validation •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4352 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4352
17 Sep 2018 — A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions. This issue affected versions prior to iOS 12. Existía un problema de consistencia en la gestión de las instantáneas de aplicación. El problema se abordó con una gestión de borrado de notas mejorada. • https://support.apple.com/kb/HT209106 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 16%CPEs: 1EXPL: 2CVE-2018-4330 – Apple Security Advisory 2018-9-17-1
https://notcve.org/view.php?id=CVE-2018-4330
17 Sep 2018 — In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling. En iOS en versiones anteriores a la 11.4, existe un problema de corrupción de memoria y se abordó con la mejora de la gestión de memoria. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities. • https://github.com/harryanon/POC-CVE-2018-4327-and-CVE-2018-4330 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •