Page 332 of 3271 results (0.010 seconds)

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2018-4225

https://notcve.org/view.php?id=CVE-2018-4225

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on Keychain state modifications. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.4, las versiones de macOS anteriores a la 10.13.5, las versiones de iCloud anteriores a la 7.5 en Windows, las versiones de iTunes anteriores a la 12.7.5 en Windows y las versiones de watchOS anteriores a la 4.3.1. • http://www.securityfocus.com/bid/104889 http://www.securitytracker.com/id/1041027 https://support.apple.com/HT208848 https://support.apple.com/HT208849 https://support.apple.com/HT208851 https://support.apple.com/HT208852 https://support.apple.com/HT208853 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 91%CPEs: 10EXPL: 2

CVE-2018-4200 – WebKit - 'WebCore::jsElementScrollHeightGetter' Use-After-Free

https://notcve.org/view.php?id=CVE-2018-4200

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers a WebCore::jsElementScrollHeightGetter use-after-free. Se ha descubierto un problema en algunos productos Apple. • https://www.exploit-db.com/exploits/44566 http://www.securityfocus.com/bid/103961 http://www.securitytracker.com/id/1040743 https://bugs.chromium.org/p/project-zero/issues/detail?id=1525 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208741 https://support.apple.com/HT208743 https://support.apple.com/HT208850 https://support.apple.com/HT208852 https://support.apple.com/HT208853 https://usn.ubuntu.com/3640-1 https://access.redhat.com/security • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2018-4204 – Apple Safari Array splice Out-Of-Bounds Access Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2018-4204

An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/103961 http://www.securitytracker.com/id/1040743 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208741 https://support.apple.com/HT208743 https://support.apple.com/HT208848 https://support.apple.com/HT208850 https://support.apple.com/HT208852 https://support.apple.com/HT208853 https://access.redhat.com/security/cve/CVE-2018-4204 https://bugzilla.redhat.com/show_bug.cgi?id=1577374 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2

CVE-2018-4206 – Apple macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MIG Ownership Rules

https://notcve.org/view.php?id=CVE-2018-4206

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Crash Reporter" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app that replaces a privileged port name. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3.1, las versiones de macOS anteriores a la 10.13.4 Security Update 2018-001, las versiones de tvOS anteriores a la 11.4 y las versiones de watchOS anteriores a la 4.3.1 se han visto afectadas. • https://www.exploit-db.com/exploits/44562 http://www.securityfocus.com/bid/103957 http://www.securityfocus.com/bid/103958 http://www.securitytracker.com/id/1040744 https://bugs.chromium.org/p/project-zero/issues/detail?id=1529 https://support.apple.com/HT208742 https://support.apple.com/HT208743 https://support.apple.com/HT208850 https://support.apple.com/HT208851 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2018-4187

https://notcve.org/view.php?id=CVE-2018-4187

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to spoof the UI via a crafted URL in a text message. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3.1, las versiones de macOS anteriores a la 10.13.4 Security Update 2018-001 se han visto afectadas. • http://www.securityfocus.com/bid/103957 http://www.securityfocus.com/bid/103958 http://www.securitytracker.com/id/1040744 https://support.apple.com/HT208742 https://support.apple.com/HT208743 https://support.apple.com/kb/HT209193 • CWE-20: Improper Input Validation •