CVE-2018-4347

CVE-2018-4347 is a use-after-free memory corruption issue in CoreText, affecting iOS ≤11, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes for Windows 12.9, and iCloud for Windows 7.7. Apple confirms a patch in iOS 12, macOS Mojave 10.14, watchOS 5, tvOS 12, and relevant Windows updates (HT209106/H...

CVE-2018-4344

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

CVE-2018-4345

CVE-2018-4345 is a cross-site scripting vulnerability in Safari (WebKit) that was addressed by improved URL validation. Affected products/versions include Safari 12 and earlier on macOS/iOS, tvOS 12, iTunes 12.9 for Windows, and iCloud for Windows 7.7. The vulnerability’s root cause is tied to UR...

CVE-2018-4328

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

CVE-2018-4345

A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

CVE-2018-4326

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14...

CVE-2018-4325

A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12...

CVE-2018-4323

CVE-2018-4323 relates to multiple memory corruption issues that were addressed in Apple’s ecosystem. Affected products include iOS 12 and later, tvOS 12, Safari 12, iTunes 12.9 for Windows, and iCloud for Windows 7.7. The root cause is described as memory corruption issues that were mitigated thr...

CVE-2018-4332

CVE-2018-4332 is a memory corruption vulnerability in the Heimdal component identified by Apple advisories for multiple Apple OSes. The issue affected iOS (versions before 12), macOS Mojave 10.14, tvOS 12, and watchOS 5, and was addressed via memory-management hardening in the corresponding Apple...

CVE-2018-4335

CVE-2018-4335 affects Apple iOS where the IOMobileFrameBuffer component had a validation issue that allowed reading restricted memory. The root cause is an input/validation defect that was fixed by improved input sanitization. Affected products/versions: iOS versions before 12.0 (iPhone/iPad/touc...

CVE-2018-4325

CVE-2018-4325 affects iOS prior to 12, tied to the Status Bar component. The issue is described as a logic issue addressed by improved restrictions. Red Hat and CNVD entries align with a local-access impact related to discovering the last used app from the lock screen; no public exploit details a...

CVE-2018-4332

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

CVE-2018-4328

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

CVE-2018-4340

CVE-2018-4340 is a memory corruption vulnerability addressed by Apple across multiple platforms. The issue affected macOS Mojave 10.14 and earlier, iOS prior to 12, watchOS 5, and tvOS 12, arising from memory handling that could be exploited locally. Red Hat’s CVE entry reiterates the same descri...

CVE-2018-4316

CVE-2018-4316 is a WebKit/Safari memory corruption issue that affects iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, and iCloud for Windows. The root cause is memory corruption with improved state management, and the Apple security pages indicate it could allow arbitrary code execution when...

CVE-2018-4309

A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

CVE-2018-4322

This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12...

CVE-2018-4304

A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

CVE-2018-4312

A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

CVE-2018-4317

A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...