CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4133 – Ubuntu Security Notice USN-3635-1
https://notcve.org/view.php?id=CVE-2018-4133
30 Mar 2018 — An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Se ha descubierto un problema en algunos productos Apple. • http://www.securityfocus.com/bid/103580 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4137 – Apple Security Advisory 2018-3-29-1
https://notcve.org/view.php?id=CVE-2018-4137
30 Mar 2018 — An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. The issue involves the "Safari Login AutoFill" component. It allows remote attackers to read autofilled data by leveraging lack of a user-confirmation requirement. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1040604 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4116 – Apple Security Advisory 2018-3-29-6
https://notcve.org/view.php?id=CVE-2018-4116
30 Mar 2018 — An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1040606 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-4127 – Apple Safari RenderLayer Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-4127
30 Mar 2018 — An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1040604 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 30%CPEs: 8EXPL: 6CVE-2018-4121 – WebKit - WebAssembly Parsing Does not Correctly Check Section Order
https://notcve.org/view.php?id=CVE-2018-4121
30 Mar 2018 — An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://www.exploit-db.com/exploits/44427 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-4165 – Ubuntu Security Notice USN-3635-1
https://notcve.org/view.php?id=CVE-2018-4165
30 Mar 2018 — An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1040604 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2018-4114 – Ubuntu Security Notice USN-3635-1
https://notcve.org/view.php?id=CVE-2018-4114
30 Mar 2018 — An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1040604 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2017-7153 – Ubuntu Security Notice USN-3551-1
https://notcve.org/view.php?id=CVE-2017-7153
26 Jan 2018 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof user-interface information (about whether the entire content is derived from a valid TLS session) via a crafted web site that sends a 401 Unauthorized redirect. Se ha des... • https://support.apple.com/HT208324 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2017-13885 – Apple Safari DFG JIT Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-13885
26 Jan 2018 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://support.apple.com/HT208324 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-7165 – Apple Safari HTMLButtonElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-7165
26 Jan 2018 — An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://support.apple.com/HT208324 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •