CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4185
https://notcve.org/view.php?id=CVE-2018-4185
In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. En iOS en versiones anteriores a la 11.3, tvOS en versiones anteriores a la 11.3, watchOS en versiones anteriores a la 4.3 y macOS en versiones anteriores a High Sierra 10.13.4, existía un problema de divulgación de información en la transición del estado del programa. Este problema se abordó mediante la mejora del manejo de los estados. • https://support.apple.com/HT208692 https://support.apple.com/HT208693 https://support.apple.com/HT208696 https://support.apple.com/HT208698 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13888
https://notcve.org/view.php?id=CVE-2017-13888
In iOS before 11.2, a type confusion issue was addressed with improved memory handling. En iOS en versiones anteriores a la 11.2, se abordó un problema de confusión de tipos con la mejora de la gestión de memoria. • https://support.apple.com/HT208334 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-2411
https://notcve.org/view.php?id=CVE-2017-2411
In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates. En iOS en versiones anteriores a la 11.2, los tipos de cambio se recuperaron de HTTP en lugar de HTTPS. Esto se abordó habilitando HTTPS para los tipos de cambio. • https://support.apple.com/HT208334 • CWE-254: 7PK - Security Features •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-4436
https://notcve.org/view.php?id=CVE-2018-4436
A certificate validation issue existed in configuration profiles. This was addressed with additional checks. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2. Existía un problema de validación de certificados en los perfiles de configuración. El problema se abordó con comprobaciones adicionales. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 • CWE-295: Improper Certificate Validation •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-4439
https://notcve.org/view.php?id=CVE-2018-4439
A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Un problema de lógica se abordó con una validación mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1.1; Safari en versiones anteriores a la 12.0.2; iTunes para Windows en versiones anteriores a la 12.9.2 y iCloud para Windows en versiones anteriores a la 7.9. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209344 https://support.apple.com/kb/HT209345 https://support.apple.com/kb/HT209346 • CWE-20: Improper Input Validation •