CVSS: 8.8EPSS: 85%CPEs: 7EXPL: 1CVE-2018-4443 – WebKit JSC - 'AbstractValue::set' Use-After-Free
https://notcve.org/view.php?id=CVE-2018-4443
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1.1, tvOS en versiones anteriores a la 12.1.1, watchOS en versiones anteriores a la 5.1.2, Safari en versiones anteriores a la 12.0.2, iTunes en versiones anteriores a la 12.9.2 y iCloud para Windows en versiones anteriores a la 7.9. WebKit JSC suffers from a use-after-free vulnerability that can be used to bypass write barriers. • https://www.exploit-db.com/exploits/46071 https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 https://support.apple.com/kb/HT209344 https://support.apple.com/kb/HT209345 https://support.apple.com/kb/HT209346 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4437
https://notcve.org/view.php?id=CVE-2018-4437
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1.1, tvOS en versiones anteriores a la 12.1.1, watchOS en versiones anteriores a la 5.1.2, Safari en versiones anteriores a la 12.0.2, iTunes para Windows en versiones anteriores a la 12.9.2 y iCloud para Windows en versiones anteriores a la 7.9. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 https://support.apple.com/kb/HT209344 https://support.apple.com/kb/HT209345 https://support.apple.com/kb/HT209346 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-4464
https://notcve.org/view.php?id=CVE-2018-4464
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1.1; tvOS en versiones anteriores a la 12.1.1; watchOS en versiones anteriores a la 5.1.2, Safari en versiones anteriores a la 12.0.2; iTunes para Windows en versiones anteriores a la 12.9.2 y iCloud para Windows en versiones anteriores a la 7.9. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 https://support.apple.com/kb/HT209344 https://support.apple.com/kb/HT209345 https://support.apple.com/kb/HT209346 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2018-4440
https://notcve.org/view.php?id=CVE-2018-4440
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Un problema de lógica se abordó con una gestión de estado mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1.1, Safari en versiones anteriores a la 12.0.2, iTunes para Windows en versiones anteriores a la 12.9.2 y iCloud para Windows en versiones anteriores a la 7.9. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209344 https://support.apple.com/kb/HT209345 https://support.apple.com/kb/HT209346 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 51%CPEs: 7EXPL: 1CVE-2018-4438 – WebKit JIT - Int32/Double Arrays can have Proxy Objects in the Prototype Chains
https://notcve.org/view.php?id=CVE-2018-4438
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Existía un problema de lógica que resultaba en una corrupción de memoria. Este problema se abordó con una gestión de estado mejorada. • https://www.exploit-db.com/exploits/45984 https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 https://support.apple.com/kb/HT209344 https://support.apple.com/kb/HT209345 https://support.apple.com/kb/HT209346 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •