CVE-2018-4377
https://notcve.org/view.php?id=CVE-2018-4377
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Existía un problema de cross-Site Scripting (XSS) en Safari. Este problema se abordó con una validación de URL mejorada. • https://support.apple.com/kb/HT209192 https://support.apple.com/kb/HT209195 https://support.apple.com/kb/HT209196 https://support.apple.com/kb/HT209197 https://support.apple.com/kb/HT209198 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-4400
https://notcve.org/view.php?id=CVE-2018-4400
A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1. Un problema de validación se abordó con una lógica mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1, macOS Mojave en versiones anteriores a la 10.14.1 y watchOS en versiones anteriores a la 5.1. • https://support.apple.com/kb/HT209192 https://support.apple.com/kb/HT209193 https://support.apple.com/kb/HT209195 • CWE-20: Improper Input Validation •
CVE-2018-4390
https://notcve.org/view.php?id=CVE-2018-4390
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofing. Se abordó un problema de interfaz de usuario inconsistente con una administración de estado mejorada.  Este problema se corrigió en macOS High Sierra versión 10.13.1, Security Update 2017-001 Sierra y Security Update 2017-004 El Capitan, watchOS versión 4.3, iOS versión 12.1. • https://support.apple.com/en-us/HT208221 https://support.apple.com/en-us/HT208696 https://support.apple.com/en-us/HT209192 •
CVE-2018-4394
https://notcve.org/view.php?id=CVE-2018-4394
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1. Un problema de corrupción de memoria se abordó con una validación de entradas mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1, macOS Mojave en versiones anteriores a la 10.14.1, tvOS en versiones anteriores a la 12.1, watchOS en versiones anteriores a la 5.1 y iTunes 12.9.1. • https://support.apple.com/kb/HT209192 https://support.apple.com/kb/HT209193 https://support.apple.com/kb/HT209194 https://support.apple.com/kb/HT209195 https://support.apple.com/kb/HT209197 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-4371
https://notcve.org/view.php?id=CVE-2018-4371
An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1. Se abordó un problema de lectura fuera de límites con una validación de entradas mejorada. Este problema afectaba a iOS en versiones anteriores a la 12.1; macOS Mojave en versiones anteriores a la 10.14.1; tvOS en versiones anteriores a la 12.1 y watchOS 5.1. • https://support.apple.com/kb/HT209192 https://support.apple.com/kb/HT209193 https://support.apple.com/kb/HT209194 https://support.apple.com/kb/HT209195 • CWE-125: Out-of-bounds Read •