CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

266 matches found

GoogleProjectZero•added 2019/08/29 12:0 a.m.•67 views

In-the-wild iOS Exploit Chain 4

Posted by Ian Beer, Project Zero TL;DR This exploit chain supported iOS 12-12.1, although the two vulnerabilities were unpatched when we discovered the chain in the wild. It was these two vulnerabilities which we reported to Apple with a 7-day deadline, leading to the release of iOS 12.1.4. The...

7.5CVSS8.3AI score0.05228EPSS

Exploits1

GoogleProjectZero•added 2019/08/29 12:0 a.m.•42 views

Implant Teardown

Posted by Ian Beer, Project Zero In the earlier posts we examined how the attackers gained unsandboxed code execution as root on iPhones. At the end of each chain we saw the attackers calling posixspawn, passing the path to their implant binary which they dropped in /tmp. This starts the implant...

7.5CVSS8.1AI score0.05228EPSS

Exploits1

exploitpack•added 2019/07/30 12:0 a.m.•28 views

iMessage - NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects

iMessage - NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects The class NSDataFileBackedFuture can be deserialized even if secure encoding is enabled. This class is a file-backed NSData object that loads a local file into memory when the NSData bytes selector is called. This...

0.7AI score

Exploits0

NVD•added 2019/04/03 6:29 p.m.•19 views

CVE-2018-4426

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

9.3CVSS7.6AI score0.00192EPSS

Exploits0References5

NVD•added 2019/04/03 6:29 p.m.•15 views

CVE-2018-4412

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7...

7.8CVSS7.7AI score0.00379EPSS

Exploits0References7

NVD•added 2019/04/03 6:29 p.m.•12 views

CVE-2018-4414

7.8CVSS7.7AI score0.00379EPSS

Exploits0References6

NVD•added 2019/04/03 6:29 p.m.•15 views

CVE-2018-4399

An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

5.5CVSS5.5AI score0.00279EPSS

Exploits0References5

NVD•added 2019/04/03 6:29 p.m.•9 views

CVE-2018-4408

A memory corruption issue was addressed with improved input validation This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

9.3CVSS7.6AI score0.00192EPSS

Exploits0References5

NVD•added 2019/04/03 6:29 p.m.•9 views

CVE-2018-4401

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

9.3CVSS7.6AI score0.00192EPSS

Exploits0References5

NVD•added 2019/04/03 6:29 p.m.•12 views

CVE-2018-4395

This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

5.5CVSS5.5AI score0.00065EPSS

Exploits0References5

NVD•added 2019/04/03 6:29 p.m.•16 views

CVE-2018-4383

A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

9.3CVSS7.5AI score0.00175EPSS

Exploits0References4

OSV•added 2019/04/03 6:29 p.m.•2 views

DEBIAN-CVE-2018-4361

A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

8.8CVSS6.4AI score0.00859EPSS

Exploits0References1

NVD•added 2019/04/03 6:29 p.m.•12 views

CVE-2018-4362

An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2, iOS 12...

6.5CVSS5.6AI score0.00222EPSS

Exploits0References2

NVD•added 2019/04/03 6:29 p.m.•16 views

CVE-2018-4363

An input validation issue existed in the kernel. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5...

7.1CVSS5.3AI score0.00233EPSS

Exploits0References3

NVD•added 2019/04/03 6:29 p.m.•12 views

CVE-2018-4359

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

8.8CVSS8.6AI score0.00927EPSS

Exploits0References6

NVD•added 2019/04/03 6:29 p.m.•11 views

CVE-2018-4352

A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions. This issue affected versions prior to iOS 12...

3.3CVSS3AI score0.00054EPSS

Exploits0References1

NVD•added 2019/04/03 6:29 p.m.•12 views

CVE-2018-4345

A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

6.1CVSS5.5AI score0.00419EPSS

Exploits0References5

NVD•added 2019/04/03 6:29 p.m.•12 views

CVE-2018-4356

A permissions issue existed. This issue was addressed with improved permission validation. This issue affected versions prior to iOS 12...

5.3CVSS4.4AI score0.00179EPSS

Exploits0References1

NVD•added 2019/04/03 6:29 p.m.•12 views

CVE-2018-4354

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

8.6CVSS8.1AI score0.00316EPSS

Exploits0References5

NVD•added 2019/04/03 6:29 p.m.•16 views

CVE-2018-4344

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

9.3CVSS7.4AI score0.00179EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by