Lucene search

K

71 matches found

CVE
CVE
added 2018/04/03 6:29 a.m.93 views

CVE-2017-13904

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS7.3AI score0.00386EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.92 views

CVE-2018-4139

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.7AI score0.01266EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.87 views

CVE-2018-4144

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Security" co...

9.3CVSS7.5AI score0.00406EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.81 views

CVE-2017-7000

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we...

8.8CVSS8.5AI score0.00615EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.81 views

CVE-2018-4157

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Quick Look" component. A race condition allows attackers to execute arbitrary code in a privileged ...

7.6CVSS7.3AI score0.00152EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.80 views

CVE-2017-7172

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CFNetwork Se...

9.3CVSS7.4AI score0.00423EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.80 views

CVE-2018-4166

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "NSURLSession" component. A race condition allows attackers to execute arbitrary code in a privilege...

7.6CVSS7.3AI score0.00152EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.78 views

CVE-2018-4088

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affect...

8.8CVSS7.6AI score0.00673EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.78 views

CVE-2018-4115

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves CFPreferences in the "System Preferences" component. It allows attackers to bypass intended access restr...

9.8CVSS6.9AI score0.01224EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.77 views

CVE-2018-4142

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) vi...

7.5CVSS6.8AI score0.03008EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.77 views

CVE-2018-4167

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "File System Events" component. A race condition allows attackers to execute arbitrary code in a pri...

7.6CVSS7.2AI score0.00152EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.76 views

CVE-2018-4150

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS8.1AI score0.23703EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.75 views

CVE-2017-7171

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CoreAnimation" component. It allows attackers to execute arbitrary code in a privileged context or ...

9.3CVSS7.4AI score0.00244EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.75 views

CVE-2018-4104

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted ap...

5.5CVSS5.3AI score0.00238EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.75 views

CVE-2018-4158

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

7.6CVSS7.2AI score0.00155EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.74 views

CVE-2017-7065

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. The issue involves the "Wi-Fi" component. It allows remote attackers to execute arbitrary code (on the Wi-Fi chip) or cause a denial of service (memory...

8.8CVSS8.3AI score0.00992EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.74 views

CVE-2018-4155

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privile...

7.6CVSS7.3AI score0.00152EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.72 views

CVE-2017-7173

An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

5.5CVSS5AI score0.04078EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.72 views

CVE-2018-4100

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. watchOS before 4.2.2 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to cause a denial of service (resource consumption) via a crafted tex...

7.5CVSS6.9AI score0.04117EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.68 views

CVE-2017-13854

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial ...

9.3CVSS8.1AI score0.00244EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.67 views

CVE-2017-13890

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. macOS before 10.13 is affected. The issue involves the "CoreTypes" component. It allows remote attackers to trigger disk-image mounting via a crafted web site.

7.4CVSS7.2AI score0.00645EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.67 views

CVE-2018-4096

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affect...

8.8CVSS7.6AI score0.00673EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.66 views

CVE-2018-4143

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a...

9.3CVSS8.1AI score0.00183EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.64 views

CVE-2017-13873

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive network-activity information about arbitrary app...

4.3CVSS4.8AI score0.00335EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.64 views

CVE-2018-4089

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. tvOS before 11.2.5 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of ...

8.8CVSS7.5AI score0.02344EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.63 views

CVE-2017-13837

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Installer" component. It does not properly restrict an app's entitlements for accessing the FileVault unlock key.

7.5CVSS7.3AI score0.00322EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.63 views

CVE-2018-4131

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "WindowServer" component. It allows attackers to bypass the Secure Input Mode protection mechanism, and log keystrokes of arbitrary apps, via a crafted app that s...

7.8CVSS7AI score0.00224EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.63 views

CVE-2018-4174

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Mail" component. It allows man-in-the-middle attackers to read S/MIME encrypted messages by leveraging an inconsistency in the user interface.

5.9CVSS5.5AI score0.00846EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.61 views

CVE-2017-13827

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that performs kext loading.

9.3CVSS7.7AI score0.00232EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.61 views

CVE-2018-4094

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of s...

7.8CVSS8.6AI score0.00516EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.60 views

CVE-2017-7002

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we...

8.8CVSS8.5AI score0.0093EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.59 views

CVE-2018-4124

An issue was discovered in certain Apple products. iOS before 11.2.6 is affected. macOS before 10.13.3 Supplemental Update is affected. tvOS before 11.2.6 is affected. watchOS before 4.2.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of serv...

9.8CVSS8.9AI score0.27059EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.58 views

CVE-2017-13853

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "AppleGraphicsControl" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS7.7AI score0.00247EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.58 views

CVE-2018-4154

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Storage" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

7.6CVSS7.2AI score0.00155EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.57 views

CVE-2017-13851

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "DesktopServices" component. It allows local users to bypass intended access restrictions on home folder files.

5.5CVSS5.6AI score0.00053EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.57 views

CVE-2018-4084

An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Wi-Fi" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

5.5CVSS5.6AI score0.0234EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.57 views

CVE-2018-4086

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Security" component. It allows remote attackers to spoof certificate validation via crafted n...

5.9CVSS5.8AI score0.00326EPSS
CVE
CVE
added 2018/04/13 5:29 p.m.57 views

CVE-2018-4173

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Status Bar" component. It allows invisible microphone access via a crafted app.

5.5CVSS5.5AI score0.00136EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.56 views

CVE-2018-4097

An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.

9.3CVSS7.8AI score0.01321EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.54 views

CVE-2017-13839

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Spotlight" component. It allows local users to see results for other users' files.

5.5CVSS5.7AI score0.00053EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.54 views

CVE-2018-4151

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "iCloud Drive" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

7.6CVSS7.2AI score0.00169EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.53 views

CVE-2018-4156

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "PluginKit" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

7.6CVSS7.2AI score0.00169EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.53 views

CVE-2018-4176

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Disk Images" component. It allows attackers to trigger an app launch upon mounting a crafted disk image.

5.5CVSS5.8AI score0.00216EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.52 views

CVE-2017-7170

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Security" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.

9.3CVSS7.8AI score0.00311EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.52 views

CVE-2018-4083

An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Touch Bar Support" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.1AI score0.0078EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.52 views

CVE-2018-4135

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.1AI score0.00165EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.52 views

CVE-2018-4136

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app.

9.3CVSS8.1AI score0.00165EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.51 views

CVE-2018-4082

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or c...

9.3CVSS8.1AI score0.00187EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.51 views

CVE-2018-4098

An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

9.3CVSS8.1AI score0.00165EPSS
CVE
CVE
added 2018/04/03 6:29 a.m.51 views

CVE-2018-4111

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Mail" component. It allows man-in-the-middle attackers to read S/MIME encrypted message content by sending HTML e-mail that references remote resources but lacks a valid S/MIME signature.

5.9CVSS5.8AI score0.00463EPSS
Total number of security vulnerabilities71