Page 210 of 1647 results (0.012 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1

CVE-2018-4237 – Apple macOS task_set_special_port Port Overwrite Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2018-4237

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "libxpc" component. It allows attackers to gain privileges via a crafted app that leverages a logic error. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.4, las versiones de macOS anteriores a la 10.13.5, las versiones de tvOS anteriores a la 11.4 y las versiones de watchOS anteriores a la 4.3.1 se han visto afectadas. • https://www.exploit-db.com/exploits/45916 http://www.securitytracker.com/id/1041027 https://support.apple.com/HT208848 https://support.apple.com/HT208849 https://support.apple.com/HT208850 https://support.apple.com/HT208851 https://github.com/saelo/pwn2own2018 •

CVSS: 8.8EPSS: 91%CPEs: 10EXPL: 2

CVE-2018-4200 – WebKit - 'WebCore::jsElementScrollHeightGetter' Use-After-Free

https://notcve.org/view.php?id=CVE-2018-4200

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers a WebCore::jsElementScrollHeightGetter use-after-free. Se ha descubierto un problema en algunos productos Apple. • https://www.exploit-db.com/exploits/44566 http://www.securityfocus.com/bid/103961 http://www.securitytracker.com/id/1040743 https://bugs.chromium.org/p/project-zero/issues/detail?id=1525 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208741 https://support.apple.com/HT208743 https://support.apple.com/HT208850 https://support.apple.com/HT208852 https://support.apple.com/HT208853 https://usn.ubuntu.com/3640-1 https://access.redhat.com/security • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2018-4204 – Apple Safari Array splice Out-Of-Bounds Access Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2018-4204

An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/103961 http://www.securitytracker.com/id/1040743 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208741 https://support.apple.com/HT208743 https://support.apple.com/HT208848 https://support.apple.com/HT208850 https://support.apple.com/HT208852 https://support.apple.com/HT208853 https://access.redhat.com/security/cve/CVE-2018-4204 https://bugzilla.redhat.com/show_bug.cgi?id=1577374 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2017-13873

https://notcve.org/view.php?id=CVE-2017-13873

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive network-activity information about arbitrary apps via a crafted app. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11, las versiones de macOS anteriores a la 10.13, las versiones de tvOS anteriores a la 11 y las versiones de watchOS anteriores a la 4. • https://support.apple.com/HT208112 https://support.apple.com/HT208113 https://support.apple.com/HT208115 https://support.apple.com/HT208144 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0

CVE-2017-7164

https://notcve.org/view.php?id=CVE-2017-7164

An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. The issue involves the "App Store" component. It allows man-in-the-middle attackers to spoof password prompts. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.2 y las versiones de tvOS anteriores a la 11.2. • https://support.apple.com/HT208327 https://support.apple.com/HT208334 • CWE-20: Improper Input Validation •