Page 332 of 3272 results (0.028 seconds)

CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0

CVE-2018-4211

https://notcve.org/view.php?id=CVE-2018-4211

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.4, las versiones de macOS anteriores a la 10.13.5, las versiones de tvOS anteriores a la 11.4 y las versiones de watchOS anteriores a la 4.3.1 se han visto afectadas. • http://www.securitytracker.com/id/1041027 https://support.apple.com/HT208848 https://support.apple.com/HT208849 https://support.apple.com/HT208850 https://support.apple.com/HT208851 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2018-4204 – Apple Safari Array splice Out-Of-Bounds Access Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2018-4204

An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/103961 http://www.securitytracker.com/id/1040743 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208741 https://support.apple.com/HT208743 https://support.apple.com/HT208848 https://support.apple.com/HT208850 https://support.apple.com/HT208852 https://support.apple.com/HT208853 https://access.redhat.com/security/cve/CVE-2018-4204 https://bugzilla.redhat.com/show_bug.cgi?id=1577374 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2018-4187

https://notcve.org/view.php?id=CVE-2018-4187

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to spoof the UI via a crafted URL in a text message. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3.1, las versiones de macOS anteriores a la 10.13.4 Security Update 2018-001 se han visto afectadas. • http://www.securityfocus.com/bid/103957 http://www.securityfocus.com/bid/103958 http://www.securitytracker.com/id/1040744 https://support.apple.com/HT208742 https://support.apple.com/HT208743 https://support.apple.com/kb/HT209193 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 91%CPEs: 10EXPL: 2

CVE-2018-4200 – WebKit - 'WebCore::jsElementScrollHeightGetter' Use-After-Free

https://notcve.org/view.php?id=CVE-2018-4200

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers a WebCore::jsElementScrollHeightGetter use-after-free. Se ha descubierto un problema en algunos productos Apple. • https://www.exploit-db.com/exploits/44566 http://www.securityfocus.com/bid/103961 http://www.securitytracker.com/id/1040743 https://bugs.chromium.org/p/project-zero/issues/detail?id=1525 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208741 https://support.apple.com/HT208743 https://support.apple.com/HT208850 https://support.apple.com/HT208852 https://support.apple.com/HT208853 https://usn.ubuntu.com/3640-1 https://access.redhat.com/security • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2

CVE-2018-4206 – Apple macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MIG Ownership Rules

https://notcve.org/view.php?id=CVE-2018-4206

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Crash Reporter" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app that replaces a privileged port name. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3.1, las versiones de macOS anteriores a la 10.13.4 Security Update 2018-001, las versiones de tvOS anteriores a la 11.4 y las versiones de watchOS anteriores a la 4.3.1 se han visto afectadas. • https://www.exploit-db.com/exploits/44562 http://www.securityfocus.com/bid/103957 http://www.securityfocus.com/bid/103958 http://www.securitytracker.com/id/1040744 https://bugs.chromium.org/p/project-zero/issues/detail?id=1529 https://support.apple.com/HT208742 https://support.apple.com/HT208743 https://support.apple.com/HT208850 https://support.apple.com/HT208851 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •