Lucene search

K

357 matches found

CVE
CVE
added 2019/12/18 6:15 p.m.70 views

CVE-2019-8540

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.

7.1CVSS5.4AI score0.0085EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.70 views

CVE-2019-8545

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory.

7.1CVSS6.5AI score0.00171EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.70 views

CVE-2019-8568

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A local user may be able to modify protected parts of the file system.

5.5CVSS5.4AI score0.00063EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.70 views

CVE-2019-8657

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution.

8.8CVSS7.8AI score0.00645EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.70 views

CVE-2019-8794

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to read restricted memory.

5.5CVSS5.3AI score0.00359EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.69 views

CVE-2018-4321

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12.

5.3CVSS5.8AI score0.00298EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.69 views

CVE-2018-4400

A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1.

5.5CVSS5.4AI score0.00196EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.69 views

CVE-2019-6202

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. A malicious application may be able to elevate privileges.

7.8CVSS6.3AI score0.00259EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.69 views

CVE-2019-8504

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4. A local user may be able to read kernel memory.

5.5CVSS5.2AI score0.00112EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.68 views

CVE-2018-4377

A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

6.1CVSS6AI score0.00643EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.68 views

CVE-2019-8511

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges.

7.8CVSS7.2AI score0.00513EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.68 views

CVE-2019-8648

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution.

9.8CVSS8.3AI score0.01127EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.68 views

CVE-2019-8665

A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.4, watchOS 5.3. A remote attacker may cause an unexpected application termination.

7.5CVSS6.9AI score0.00683EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.67 views

CVE-2018-4355

A configuration issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.

5.5CVSS6.2AI score0.00197EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.67 views

CVE-2019-6219

A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. Processing a maliciously crafted message may lead to a denial of service.

7.5CVSS6.9AI score0.01042EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.67 views

CVE-2019-8562

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.

9.6CVSS8AI score0.00475EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.67 views

CVE-2019-8804

An inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup.

5.7CVSS5.5AI score0.00155EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.66 views

CVE-2018-4409

A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

6.5CVSS6.6AI score0.00439EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.66 views

CVE-2019-8556

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00758EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.65 views

CVE-2018-4336

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

9.3CVSS7.9AI score0.00185EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.65 views

CVE-2018-4427

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to: iOS 12.1, watchOS 5.1.2, tvOS 12.1.1, macOS High Sierra 10.13.6 Security Update 2018-003 High Sierra, macOS Sierra 10.12.6 Security Update 2018-006.

9.3CVSS7.2AI score0.00185EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.65 views

CVE-2019-6211

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.2AI score0.00643EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.65 views

CVE-2019-7284

This issue was addressed with improved checks. This issue is fixed in iOS 12.2. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing.

4.3CVSS5.1AI score0.00351EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.65 views

CVE-2019-8541

A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may be able to track users between installs.

3.3CVSS4.7AI score0.00149EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.65 views

CVE-2019-8793

A consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2. A local user may be able to record the screen without a visible screen recording indicator.

5.5CVSS5.3AI score0.00139EPSS
CVE
CVE
added 2019/01/11 6:29 p.m.64 views

CVE-2017-13888

In iOS before 11.2, a type confusion issue was addressed with improved memory handling.

7.5CVSS6.9AI score0.00241EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.64 views

CVE-2019-8510

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.

5.5CVSS5.3AI score0.00068EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.64 views

CVE-2019-8620

A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by its WiFi MAC address.

7.5CVSS7.1AI score0.00386EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.63 views

CVE-2018-4360

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

8.8CVSS8.1AI score0.00704EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.63 views

CVE-2019-8682

The issue was addressed with improved UI handling. This issue is fixed in iOS 12.4, watchOS 5.3. A user may inadvertently complete an in-app purchase while on the lock screen.

2.4CVSS4.5AI score0.00045EPSS
CVE
CVE
added 2019/01/11 6:29 p.m.62 views

CVE-2018-4189

In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling.

10CVSS8.6AI score0.00757EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.62 views

CVE-2018-4248

An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2.

7.5CVSS5.8AI score0.02821EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.62 views

CVE-2019-8567

A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.2. A device may be passively tracked by its WiFi MAC address.

7.5CVSS7.4AI score0.00399EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.61 views

CVE-2018-4343

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

9.3CVSS7.9AI score0.03814EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.61 views

CVE-2019-6200

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. An attacker in a privileged network position may be able to execute arbitrary code.

8.8CVSS7.1AI score0.00165EPSS
CVE
CVE
added 2019/03/05 4:29 p.m.61 views

CVE-2019-6228

A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue is fixed in iOS 12.1.3, Safari 12.0.3. Processing maliciously crafted web content may lead to a cross site scripting attack.

6.1CVSS5.8AI score0.00333EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.61 views

CVE-2019-8698

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in iOS 12.4, tvOS 12.4. A malicious application may be able to restrict access to websites.

4.3CVSS4.5AI score0.00252EPSS
CVE
CVE
added 2019/01/11 6:29 p.m.60 views

CVE-2018-4330

In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling.

9.3CVSS7.3AI score0.16005EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.60 views

CVE-2018-4333

A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12, macOS Mojave 10.14.

5.5CVSS6AI score0.00197EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.60 views

CVE-2018-4366

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.

7.5CVSS7.5AI score0.0969EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.60 views

CVE-2019-8505

A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting.

6.1CVSS5.9AI score0.00323EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.60 views

CVE-2019-8593

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges.

9.3CVSS8.3AI score0.00384EPSS
CVE
CVE
added 2019/12/18 6:15 p.m.60 views

CVE-2019-8704

An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information.

5.5CVSS6AI score0.00047EPSS
CVE
CVE
added 2019/01/11 6:29 p.m.59 views

CVE-2016-4643

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.

6.5CVSS7.1AI score0.00371EPSS
CVE
CVE
added 2019/01/11 6:29 p.m.59 views

CVE-2017-2411

In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.

5.9CVSS6.3AI score0.00322EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.59 views

CVE-2018-4269

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

8.6CVSS6.3AI score0.00305EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.59 views

CVE-2018-4271

Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

6.5CVSS7.4AI score0.00333EPSS
CVE
CVE
added 2019/04/03 6:29 p.m.59 views

CVE-2018-4367

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.

9.8CVSS8AI score0.06785EPSS
CVE
CVE
added 2019/01/11 6:29 p.m.58 views

CVE-2016-4642

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings.

5.9CVSS6.9AI score0.00361EPSS
CVE
CVE
added 2019/01/11 6:29 p.m.58 views

CVE-2017-13891

In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management.

6.5CVSS6.4AI score0.00255EPSS
Total number of security vulnerabilities357