Total
11829 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-4346 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A validation issue existed which allowed local file access. This was addressed with input sanitization. This issue affected versions prior to macOS Mojave 10.14.
|
|||||
| CVE-2018-4342 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14.1.
|
|||||
| CVE-2018-4338 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.
|
|||||
| CVE-2018-4335 | 1 Apple | 1 Iphone Os | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12.
|
|||||
| CVE-2018-4333 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12, macOS Mojave 10.14.
|
|||||
| CVE-2018-4322 | 1 Apple | 1 Iphone Os | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.
|
|||||
| CVE-2018-4321 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12.
|
|||||
| CVE-2018-4313 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5.
|
|||||
| CVE-2018-4307 | 1 Apple | 2 Iphone Os, Safari | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12.
|
|||||
| CVE-2018-4305 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
An input validation issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5.
|
|||||
| CVE-2018-4304 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.0 MEDIUM |
|
A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
|
|||||
| CVE-2018-4303 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14, iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
|
|||||
| CVE-2018-4295 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.
|
|||||
| CVE-2018-4293 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
|
|||||
| CVE-2018-4279 | 1 Apple | 1 Safari | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2.
|
|||||
| CVE-2018-4277 | 1 Apple | 5 Iphone Os, Mac Os X, Safari and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
|
|||||
| CVE-2018-4274 | 1 Apple | 2 Iphone Os, Safari | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2.
|
|||||
| CVE-2018-4260 | 1 Apple | 2 Iphone Os, Safari | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2.
|
|||||
| CVE-2018-4254 | 1 Apple | 1 Mac Os X | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue was addressed with improved input validation.
|
|||||
| CVE-2018-4250 | 1 Apple | 1 Iphone Os | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted message.
|
|||||
| CVE-2018-4247 | 1 Apple | 2 Iphone Os, Safari | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service (persistent Safari outage) via a crafted web site.
|
|||||
| CVE-2018-4240 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted message.
|
|||||
| CVE-2018-4225 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on Keychain state modifications.
|
|||||
| CVE-2018-4213 | 4 Apple, Canonical, Microsoft and 1 more | 9 Icloud, Iphone Os, Itunes and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
|
|||||
| CVE-2018-4209 | 4 Apple, Canonical, Microsoft and 1 more | 9 Icloud, Iphone Os, Itunes and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
|
|||||
| CVE-2018-4208 | 4 Apple, Canonical, Microsoft and 1 more | 9 Icloud, Iphone Os, Itunes and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
|
|||||
| CVE-2018-4207 | 4 Apple, Canonical, Microsoft and 1 more | 9 Icloud, Iphone Os, Itunes and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
|
|||||
| CVE-2018-4205 | 1 Apple | 1 Safari | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in certain Apple products. Safari before 11.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site.
|
|||||
| CVE-2018-4202 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "iBooks" component. It allows man-in-the-middle attackers to spoof a password prompt.
|
|||||
| CVE-2018-4198 | 1 Apple | 4 Apple Tv, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause a denial of service via a crafted text file.
|
|||||
| CVE-2018-4195 | 1 Apple | 1 Safari | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 12.
|
|||||
| CVE-2018-4188 | 2 Apple, Microsoft | 6 Apple Tv, Icloud, Iphone Os and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site.
|
|||||
| CVE-2018-4187 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to spoof the UI via a crafted URL in a text message.
|
|||||
| CVE-2018-4176 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Disk Images" component. It allows attackers to trigger an app launch upon mounting a crafted disk image.
|
|||||
| CVE-2018-4175 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "LaunchServices" component. It allows attackers to bypass the code-signing protection mechanism via a crafted app.
|
|||||
| CVE-2018-4149 | 1 Apple | 1 Iphone Os | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "SafariViewController" component. It allows remote attackers to spoof the user interface via a crafted web site that leverages input into a partially loaded page.
|
|||||
| CVE-2018-4142 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted string.
|
|||||
| CVE-2018-4134 | 1 Apple | 1 Iphone Os | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the user interface via a crafted web site.
|
|||||
| CVE-2018-4116 | 1 Apple | 1 Safari | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site.
|
|||||
| CVE-2018-4108 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Disk Management" component. It allows attackers to trigger truncation of an APFS volume password via an unspecified injection.
|
|||||