CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-4305 – Apple Security Advisory 2018-10-30-11
https://notcve.org/view.php?id=CVE-2018-4305
17 Sep 2018 — An input validation issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. Un problema de validación de entradas se abordó con una validación de entradas mejorada. Este problema afectaba a iOS en versiones anteriores a la 12, tvOS en versiones anteriores a la 12 y watchOS en versiones anteriores a la 5. APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input... • https://support.apple.com/kb/HT209106 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4362 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4362
17 Sep 2018 — An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2, iOS 12. Se abordó un problema de inconsistencia en la interfaz de usuario con una gestión de estado mejorada. Este problema afectaba a Safari, en versiones anteriores a la 11.1.2, y iOS en versiones anteriores a la 12. APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation v... • https://support.apple.com/kb/HT208934 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2018-4363 – Apple Security Advisory 2018-10-30-11
https://notcve.org/view.php?id=CVE-2018-4363
17 Sep 2018 — An input validation issue existed in the kernel. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. Existía un problema de validación de entradas en el kernel. Este problema se abordó con una validación de entradas mejorada. • https://support.apple.com/kb/HT209106 • CWE-20: Improper Input Validation •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4322 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4322
17 Sep 2018 — This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12. Este problema se abordó con autorizaciones mejoradas. Este problema afectaba a iOS en versiones anteriores a la 12. APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities. • https://support.apple.com/kb/HT209106 • CWE-20: Improper Input Validation •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4325 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4325
17 Sep 2018 — A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12. Se abordó un problema de lógica con restricciones mejoradas. Este problema afectaba a iOS en versiones anteriores a la 12. APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities. • https://support.apple.com/kb/HT209106 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4307 – Apple Security Advisory 2018-10-30-8
https://notcve.org/view.php?id=CVE-2018-4307
17 Sep 2018 — A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12. Un problema de lógica se abordó con una gestión de estado mejorada. Este problema afectaba a iOS en versiones anteriores a la 12 y Safari en versiones anteriores a la 12. APPLE-SA-2018-9-24-3 provides dditional information for APPLE-SA-2018-9-17-4. • https://support.apple.com/kb/HT209106 • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 0%CPEs: 9EXPL: 0CVE-2018-5383 – Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
https://notcve.org/view.php?id=CVE-2018-5383
23 Jul 2018 — Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. El firmware bluetooth o los controladores de software del sistema operativo en versiones de macOS anteriores a la 10.13, versio... • http://www.cs.technion.ac.il/~biham/BT • CWE-325: Missing Cryptographic Step CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4266 – Apple Security Advisory 2018-7-9-5
https://notcve.org/view.php?id=CVE-2018-4266
09 Jul 2018 — A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Se abordó una condición de carrera con una validación adicional. Este problema afectaba a las versiones anteriores de: iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 para Windows, iCloud para Windows 7.6. Multiple vulnerabilities have been found in WebKitGTK+, the worst of... • https://support.apple.com/kb/HT208932 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 1CVE-2018-4248 – Apple Security Advisory 2018-10-30-14
https://notcve.org/view.php?id=CVE-2018-4248
09 Jul 2018 — An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2. Se abordó un problema de lectura fuera de límites con una validación de entradas mejorada. Este problema afectaba a iOS en versiones anteriores a la 11.4.1, macOS High Sierra en versiones anteriores a la 10.13.6, tvOS en versiones anteriores a la 11.4.1 y watchOS en versiones anteriores a la 4.3.2. macOS High Sierra 10.13.6, Security Upd... • https://github.com/bazad/xpc-string-leak • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-4263 – Apple Safari InputType Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-4263
09 Jul 2018 — Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 11.4.1, tvOS en versiones anteriores a la 11.4.1, Safari en versiones anteriores a la 11.1.2, iTunes para Windows en versiones anteriores a la 12.8 y iClo... • https://support.apple.com/kb/HT208932 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •