Page 207 of 1421 results (0.025 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2. Existía un problema de lectura fuera de límites que conducía a la divulgación de memoria del kernel. Este problema se abordó con una validación de entradas mejorada. • https://support.apple.com/kb/HT208935 https://support.apple.com/kb/HT208936 https://support.apple.com/kb/HT208938 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0

In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling. En Safari en versiones anteriores a la 11.1.2, iTunes en versiones anteriores a la 12.8 para Windows, iOS en versiones anteriores a la 11.4.1, tvOS en versiones anteriores a la 11.4.1 e iCloud para Windows en versiones anteriores a la 7.6, se abordaron múltiples problemas de corrupción de memoria mediante la mejora de la gestión de memoria. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of RegExp's exec method in JIT. By performing actions in JavaScript, an attacker can trigger a type confusion condition. • http://www.securitytracker.com/id/1041232 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208934%2C https://support.apple.com/HT208935 https://support.apple.com/HT208938%2C https://usn.ubuntu.com/3743-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 10%CPEs: 8EXPL: 1

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a race condition. Se ha descubierto un problema en algunos productos Apple. • https://www.exploit-db.com/exploits/45048 http://www.securitytracker.com/id/1041029 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208848 https://support.apple.com/HT208850 https://support.apple.com/HT208851 https://support.apple.com/HT208852 https://support.apple.com/HT208853 https://support.apple.com/HT208854 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 8.8EPSS: 1%CPEs: 11EXPL: 1

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://www.exploit-db.com/exploits/45998 http://packetstormsecurity.com/files/153148/Safari-Webkit-Proxy-Object-Type-Confusion.html http://www.securitytracker.com/id/1041029 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208848 https://support.apple.com/HT208850 https://support.apple.com/HT208851 https://support.apple.com/HT208852 https://support.apple.com/HT208853 https://support.apple.com/HT208854 https://usn.ubuntu.com/3687-1 https://github.com/sa • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages type confusion. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1041029 https://support.apple.com/HT208848 https://support.apple.com/HT208850 https://support.apple.com/HT208851 https://support.apple.com/HT208852 https://support.apple.com/HT208853 https://support.apple.com/HT208854 https://usn.ubuntu.com/3743-1 • CWE-704: Incorrect Type Conversion or Cast •