Total
3662 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4644 | 1 Apple | 3 Apple Tv, Iphone Os, Mac Os | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials. | |||||
| CVE-2018-4194 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation. | |||||
| CVE-2019-6212 | 3 Apple, Canonical, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-6223 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer. | |||||
| CVE-2019-6227 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2018-4207 | 4 Apple, Canonical, Microsoft and 1 more | 9 Icloud, Iphone Os, Itunes and 6 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | |||||
| CVE-2018-4147 | 2 Apple, Microsoft | 5 Icloud, Iphone Os, Itunes and 2 more | 2024-02-28 | 6.8 MEDIUM | 9.8 CRITICAL |
| In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling. | |||||
| CVE-2019-6229 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to universal cross site scripting. | |||||
| CVE-2019-6233 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-6228 | 1 Apple | 2 Iphone Os, Safari | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue is fixed in iOS 12.1.3, Safari 12.0.3. Processing maliciously crafted web content may lead to a cross site scripting attack. | |||||
| CVE-2019-6218 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-6235 | 1 Apple | 5 Iphone Os, Itunes, Mac Os X and 2 more | 2024-02-28 | 7.5 HIGH | 10.0 CRITICAL |
| A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions. | |||||
| CVE-2019-6211 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2019-6210 | 1 Apple | 4 Iphone Os, Mac Os X, Tv Os and 1 more | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2018-4212 | 4 Apple, Canonical, Microsoft and 1 more | 9 Icloud, Iphone Os, Itunes and 6 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | |||||
| CVE-2018-20069 | 2 Apple, Google | 2 Iphone Os, Chrome | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
| Failure to prevent navigation to top frame to data URLs in Navigation in Google Chrome on iOS prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of the current page via a crafted HTML page. | |||||
| CVE-2019-6221 | 2 Apple, Microsoft | 4 Iphone Os, Itunes, Mac Os X and 1 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows. A malicious application may be able to elevate privileges. | |||||
| CVE-2018-4277 | 1 Apple | 5 Iphone Os, Mac Os X, Safari and 2 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. | |||||
| CVE-2019-6225 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges. | |||||
| CVE-2019-6230 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-02-28 | 6.8 MEDIUM | 8.6 HIGH |
| A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox. | |||||