CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4270
https://notcve.org/view.php?id=CVE-2018-4270
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 11.4.1, tvOS en versiones anteriores a la 11.4.1, watchOS en versiones anteriores a la 4.3.2, Safari en versiones anteriores a la 11.1.2, iTunes en versiones anteriores a la 12.8 para Windows y iCloud para Windows en versiones anteriores a la 7.6. • https://support.apple.com/kb/HT208932 https://support.apple.com/kb/HT208933 https://support.apple.com/kb/HT208934 https://support.apple.com/kb/HT208935 https://support.apple.com/kb/HT208936 https://support.apple.com/kb/HT208938 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-4277
https://notcve.org/view.php?id=CVE-2018-4277
In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. En iOS en versiones anteriores a la 11.4.1, watchOS en versiones anteriores a la 4.3.2, tvOS en versiones anteriores a la 11.4.1, Safari en versiones anteriores a la 11.1.1 y macOS High Sierra en versiones anteriores a la 10.13.6, existía un problema de suplantación en el manejo de URL. Este problema se abordó mediante la mejora de la validación de entradas. • http://www.securitytracker.com/id/1041232 https://support.apple.com/HT208854 https://support.apple.com/HT208935 https://support.apple.com/HT208936 https://support.apple.com/HT208937 https://support.apple.com/HT208938 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4284
https://notcve.org/view.php?id=CVE-2018-4284
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. Un problema de confusión de tipo se abordó con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 11.4.1, tvOS en versiones anteriores a la 11.4.1, watchOS en versiones anteriores a la 4.3.2, Safari en versiones anteriores a la 11.1.2, iTunes para Windows en versiones anteriores a la 12.8 y iCloud para Windows en versiones anteriores a la 7.6. • https://support.apple.com/kb/HT208932 https://support.apple.com/kb/HT208933 https://support.apple.com/kb/HT208934 https://support.apple.com/kb/HT208935 https://support.apple.com/kb/HT208936 https://support.apple.com/kb/HT208938 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4250
https://notcve.org/view.php?id=CVE-2018-4250
An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted message. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.4 se han visto afectadas. • http://www.securitytracker.com/id/1041031 https://support.apple.com/HT208848 • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4252
https://notcve.org/view.php?id=CVE-2018-4252
An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to bypass the lock-screen protection mechanism and obtain private notification content via Siri. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.4 se han visto afectadas. • http://www.securitytracker.com/id/1041031 https://support.apple.com/HT208848 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •