CVE-2018-11025

kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD3rd Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/twl6030-gpadc with the command 24832 and cause a kernel crash...

CVE-2018-11023

kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD 3rd Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3222560159 and cause a kernel crash...

CVE-2018-11022

kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD3rd Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3224132973 and cause a kernel crash...

CVE-2018-11020

kernel/omap/drivers/rpmsg/rpmsgomx.c in the kernel component in Amazon Kindle Fire HD3rd Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device file /dev/rpmsg-omx1 with the command 3221772291, and cause a kernel crash...

CVE-2018-11024

kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD 3rd Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 1077435789 and cause a kernel crash...

PT-2018-1661 · Microsoft · Windows 10 Servers +12

Name of the Vulnerable Software and Affected Versions: Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2008 Windows Server 2019 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers Description: The issue is related to the Win32k...

The vulnerability of the Win32k component in Windows operating systems, which allows attackers to increase their privileges

The vulnerability of the Win32k component in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

CVE-2018-4241

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcpusrconnectx allows attackers to execute arbitrary...

CVE-2018-4249

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglripfilterinput in com.apple.packet-mangler in the "Kernel" component. It allows attackers to...

CVE-2018-4243

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary co...

Integer overflow

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglripfilterinput in com.apple.packet-mangler in the "Kernel" component. It allows attackers to...

CVE-2018-4241

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcpusrconnectx allows attackers to execute arbitrary...

CVE-2018-4249

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglripfilterinput in com.apple.packet-mangler in the "Kernel" component. It allows attackers to...

Denial of service vulnerability in multiple apple products (CNVD-2018-12165)

Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system for mobile devices; macOS High Sierra is a specialized operating system for Mac computers; tvOS is a smart TV operating system; and watchOS is a smart watch operating system. kernel is a...

PT-2018-1378 · Apple · Ios +3

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 11.4 macOS versions prior to 10.13.5 tvOS versions prior to 11.4 watchOS versions prior to 4.3.1 Description: The issue involves the pktmnglr ipfilter input function in com.apple.packet-mangler in the Kernel component,...

CVE-2018-4160

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service out-of-bounds read via a crafted app...

CVE-2018-4150

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause...

CVE-2018-4092

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to bypass intended memory-read...

CVE-2018-4090

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a...

CVE-2018-4097

An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app...