Apple Security Vulnerabilities
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code...
7.8CVSS
7AI Score
0.008EPSS
An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Siri Contacts" component. It allows physically proximate attackers to discover private contact information via Siri.
4.6CVSS
4.4AI Score
0.001EPSS
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" co...
8.8CVSS
8.1AI Score
0.006EPSS
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service (persistent Safari outage) via a crafted web site.
6.5CVSS
6.2AI Score
0.005EPSS
An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2.
7.5CVSS
5.8AI Score
0.004EPSS
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the "Kernel" component. It allows attackers to ...
7.8CVSS
7.2AI Score
0.005EPSS
An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted message.
6.5CVSS
5.6AI Score
0.001EPSS
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Firmware" component. It allows attackers to modify the EFI flash-memory region that a crafted app that has root access.
5.5CVSS
5.7AI Score
0.001EPSS
An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to bypass the lock-screen protection mechanism and obtain private notification content via Siri.
4.6CVSS
4.6AI Score
0.001EPSS
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "AMD" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read of kernel memory) via a crafted app.
5.5CVSS
5.6AI Score
0.0005EPSS
In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue was addressed with improved input validation.
9.8CVSS
7AI Score
0.002EPSS
In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.
5.5CVSS
5.8AI Score
0.0004EPSS
In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.
5.5CVSS
5.8AI Score
0.0004EPSS
In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved size validation.
9.8CVSS
7.5AI Score
0.003EPSS
In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved bounds checking.
9.8CVSS
7.5AI Score
0.003EPSS
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
9.8CVSS
7AI Score
0.004EPSS
An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2.
6.5CVSS
6.4AI Score
0.001EPSS
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
8.8CVSS
8.2AI Score
0.006EPSS
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.
8.8CVSS
8.2AI Score
0.006EPSS
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
8.8CVSS
8.2AI Score
0.006EPSS
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
8.8CVSS
8.2AI Score
0.008EPSS
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
8.8CVSS
8.2AI Score
0.006EPSS
A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
5.9CVSS
6.5AI Score
0.007EPSS
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
8.8CVSS
8.2AI Score
0.006EPSS
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
9.8CVSS
6.7AI Score
0.007EPSS
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
8.6CVSS
6.3AI Score
0.002EPSS
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
6.5CVSS
7.1AI Score
0.006EPSS
Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
6.5CVSS
7.4AI Score
0.006EPSS
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
8.8CVSS
8.2AI Score
0.008EPSS
Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
6.5CVSS
7.4AI Score
0.006EPSS
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2.
7.5CVSS
7AI Score
0.001EPSS
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1.
8.6CVSS
7.3AI Score
0.001EPSS
A null pointer dereference was addressed with improved validation. This issue affected versions prior to macOS High Sierra 10.13.6.
7.5CVSS
5.5AI Score
0.001EPSS
In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
7.5CVSS
5.7AI Score
0.005EPSS
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.
4.3CVSS
5.5AI Score
0.004EPSS
An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2.
5.3CVSS
5.8AI Score
0.001EPSS
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2.
7.8CVSS
5.9AI Score
0.002EPSS
In SwiftNIO before 1.8.0, a buffer overflow was addressed with improved size validation.
9.8CVSS
8.9AI Score
0.003EPSS
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2.
5.5CVSS
5.7AI Score
0.001EPSS
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6.
5.5CVSS
4.8AI Score
0.0004EPSS
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
8.8CVSS
7.5AI Score
0.007EPSS
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
7.8CVSS
6AI Score
0.001EPSS
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
9.8CVSS
7AI Score
0.004EPSS
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
9.8CVSS
7AI Score
0.004EPSS
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
9.8CVSS
7AI Score
0.004EPSS
An information disclosure issue was addressed by removing the vulnerable code. This issue affected versions prior to macOS High Sierra 10.13.6.
5.5CVSS
5.6AI Score
0.001EPSS
A denial of service issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, watchOS 4.3.2.
5.9CVSS
5.9AI Score
0.001EPSS
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
9.8CVSS
7AI Score
0.004EPSS
A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
5.3CVSS
5.7AI Score
0.003EPSS
An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.
9.8CVSS
7.2AI Score
0.002EPSS