CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-4198
https://notcve.org/view.php?id=CVE-2018-4198
01 Jun 2018 — An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause a denial of service via a crafted text file. Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.4, las versiones de macOS anteriores a la 10.13.5, las versiones de tvOS anteriores a la 11.4 y las versiones de ... • http://www.securitytracker.com/id/1041027 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4171
https://notcve.org/view.php?id=CVE-2018-4171
01 Jun 2018 — An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app that leverages device properties. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.5 se han visto afectadas. • http://www.securitytracker.com/id/1041027 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4141
https://notcve.org/view.php?id=CVE-2018-4141
01 Jun 2018 — An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.5 se han visto afectadas. • http://www.securitytracker.com/id/1041027 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2018-4202
https://notcve.org/view.php?id=CVE-2018-4202
01 Jun 2018 — An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "iBooks" component. It allows man-in-the-middle attackers to spoof a password prompt. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11.4 y las versiones de macOS anteriores a la 10.13.5. • http://www.securityfocus.com/bid/104897 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4184
https://notcve.org/view.php?id=CVE-2018-4184
01 Jun 2018 — An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Speech" component. It allows attackers to bypass a sandbox protection mechanism to obtain microphone access. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.5 se han visto afectadas. • http://www.securitytracker.com/id/1041027 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4229
https://notcve.org/view.php?id=CVE-2018-4229
01 Jun 2018 — An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Grand Central Dispatch" component. It allows attackers to bypass a sandbox protection mechanism by leveraging the misparsing of entitlement plists. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.5 se han visto afectadas. • http://www.securitytracker.com/id/1041027 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4196 – Apple macOS Dock Service DSSetDesktopForDisplayAndSpace Uninitialized Pointer Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-4196
01 Jun 2018 — An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a privileged context or obtain sensitive information via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.5 se han visto afectadas. • http://www.securitytracker.com/id/1041027 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4228
https://notcve.org/view.php?id=CVE-2018-4228
01 Jun 2018 — An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages a race condition. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.5 se han visto afectadas. • http://www.securitytracker.com/id/1041027 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4234
https://notcve.org/view.php?id=CVE-2018-4234
01 Jun 2018 — An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.5 se han visto afectadas. • http://www.securitytracker.com/id/1041027 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4236
https://notcve.org/view.php?id=CVE-2018-4236
01 Jun 2018 — An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOGraphics" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Se ha descubierto un problema en algunos productos Apple. Las versiones de macOS anteriores a la 10.13.5 se han visto afectadas. • http://www.securitytracker.com/id/1041027 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •