CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4335 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4335
17 Sep 2018 — A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12. Un problema de validación se abordó con un saneamiento de entradas mejorado. Este problema afectaba a iOS en versiones anteriores a la 12. APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities. • https://support.apple.com/kb/HT209106 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-4313 – Apple Security Advisory 2018-10-30-11
https://notcve.org/view.php?id=CVE-2018-4313
17 Sep 2018 — A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. Existía un problema de consistencia en la gestión de las instantáneas de aplicación. El problema se abordó con una gestión de borrado de mensajes mejorada. • https://support.apple.com/kb/HT209106 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4362 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4362
17 Sep 2018 — An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2, iOS 12. Se abordó un problema de inconsistencia en la interfaz de usuario con una gestión de estado mejorada. Este problema afectaba a Safari, en versiones anteriores a la 11.1.2, y iOS en versiones anteriores a la 12. APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation v... • https://support.apple.com/kb/HT208934 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4356 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4356
17 Sep 2018 — A permissions issue existed. This issue was addressed with improved permission validation. This issue affected versions prior to iOS 12. Existía un problema de permisos. Este problema se abordó con una validación de permisos mejorada. • https://support.apple.com/kb/HT209106 •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4352 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4352
17 Sep 2018 — A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions. This issue affected versions prior to iOS 12. Existía un problema de consistencia en la gestión de las instantáneas de aplicación. El problema se abordó con una gestión de borrado de notas mejorada. • https://support.apple.com/kb/HT209106 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 2CVE-2018-4330 – Apple Security Advisory 2018-9-17-1
https://notcve.org/view.php?id=CVE-2018-4330
17 Sep 2018 — In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling. En iOS en versiones anteriores a la 11.4, existe un problema de corrupción de memoria y se abordó con la mejora de la gestión de memoria. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities. • https://github.com/harryanon/POC-CVE-2018-4327-and-CVE-2018-4330 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4325 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4325
17 Sep 2018 — A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12. Se abordó un problema de lógica con restricciones mejoradas. Este problema afectaba a iOS en versiones anteriores a la 12. APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities. • https://support.apple.com/kb/HT209106 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4307 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4307
17 Sep 2018 — A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12. Un problema de lógica se abordó con una gestión de estado mejorada. Este problema afectaba a iOS en versiones anteriores a la 12 y Safari en versiones anteriores a la 12. APPLE-SA-2018-9-24-3 provides dditional information for APPLE-SA-2018-9-17-4. • https://support.apple.com/kb/HT209106 • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 0%CPEs: 9EXPL: 0CVE-2018-5383 – Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
https://notcve.org/view.php?id=CVE-2018-5383
23 Jul 2018 — Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. El firmware bluetooth o los controladores de software del sistema operativo en versiones de macOS anteriores a la 10.13, versio... • http://www.cs.technion.ac.il/~biham/BT • CWE-325: Missing Cryptographic Step CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-4278 – Ubuntu Security Notice USN-3743-1
https://notcve.org/view.php?id=CVE-2018-4278
09 Jul 2018 — In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. En Safari en versiones anteriores a la 11.1.2, iTunes en versiones anteriores a la 12.8 para Windows, iOS en versiones anteriores a la 11.4.1, tvOS en versiones anteriores a la 11.4.1 e iCloud para Windows en versiones anteriores a la 7.6, el sonido capt... • http://www.securitytracker.com/id/1041232 •