CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4115
https://notcve.org/view.php?id=CVE-2018-4115
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the "System Preferences" component. It allows attackers to bypass intended access restrictions by leveraging incorrect configuration-profile persistence. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3, las versiones de macOS anteriores a la 10.13.4, las versiones de tvOS anteriores a la 11.3 y las versiones de watchOS anteriores a la 4.3 se han visto afectadas. • http://www.securitytracker.com/id/1040604 http://www.securitytracker.com/id/1040608 https://support.apple.com/HT208692 https://support.apple.com/HT208693 https://support.apple.com/HT208696 https://support.apple.com/HT208698 • CWE-281: Improper Preservation of Permissions •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4143
https://notcve.org/view.php?id=CVE-2018-4143
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3, las versiones de macOS anteriores a la 10.13.4, las versiones de tvOS anteriores a la 11.3 y las versiones de watchOS anteriores a la 4.3 se han visto afectadas. • http://www.securitytracker.com/id/1040604 http://www.securitytracker.com/id/1040608 https://support.apple.com/HT208692 https://support.apple.com/HT208693 https://support.apple.com/HT208696 https://support.apple.com/HT208698 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2018-4110
https://notcve.org/view.php?id=CVE-2018-4110
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Web App" component. It allows remote attackers to bypass intended restrictions on cookie persistence. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3 se han visto afectadas. • http://www.securityfocus.com/bid/103578 http://www.securitytracker.com/id/1040604 https://support.apple.com/HT208693 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4149
https://notcve.org/view.php?id=CVE-2018-4149
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "SafariViewController" component. It allows remote attackers to spoof the user interface via a crafted web site that leverages input into a partially loaded page. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.3 se han visto afectadas. • http://www.securityfocus.com/bid/103578 http://www.securitytracker.com/id/1040604 https://support.apple.com/HT208693 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4137
https://notcve.org/view.php?id=CVE-2018-4137
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. The issue involves the "Safari Login AutoFill" component. It allows remote attackers to read autofilled data by leveraging lack of a user-confirmation requirement. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1040604 https://support.apple.com/HT208693 https://support.apple.com/HT208695 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •