CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4447 – Apple macOS watchevent Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-4447
A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. Un problema de corrupción de memoria se abordó con una gestión de estado mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1.1, macOS Mojave en versiones anteriores a la 10.14.2, tvOS en versiones anteriores a la 12.1.1, watchOS en versiones anteriores a la 5.1.2. This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209341 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4431
https://notcve.org/view.php?id=CVE-2018-4431
A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. Un problema de inicialización de memoria se abordó con una gestión de memoria mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1.1; macOS Mojave en versiones anteriores a la 10.14.2; tvOS en versiones anteriores a la 12.1.1 y watchOS en versiones anteriores a la 5.1.2. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209341 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4460
https://notcve.org/view.php?id=CVE-2018-4460
A denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. Un problema de divulgación de información se abordó eliminando el código vulnerable. Este problema afectaba a iOS en versiones anteriores a la 12.1.1, macOS Mojave en versiones anteriores a la 10.14.2, tvOS en versiones anteriores a la 12.1.1, watchOS en versiones anteriores a la 5.1.2. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209341 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4461
https://notcve.org/view.php?id=CVE-2018-4461
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. Un problema de corrupción de memoria se abordó con una validación de entradas mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1.1, macOS Mojave en versiones anteriores a la 10.14.2, tvOS en versiones anteriores a la 12.1.1 y watchOS en versiones anteriores a la 5.1.2. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209341 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2018-4435 – Apple macOS shm Uninitialized Data Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-4435
A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. Se abordó un problema de lógica con restricciones mejoradas. Este problema afectaba a iOS en versiones anteriores a la 12.1.1; macOS Mojave en versiones anteriores a la 10.14.2; tvOS en versiones anteriores a la 12.1.1 y watchOS en versiones anteriores a la 5.1.2. This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. • https://www.exploit-db.com/exploits/45960 https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209341 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 • CWE-20: Improper Input Validation •