Total
3663 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-6230 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-02-28 | 6.8 MEDIUM | 8.6 HIGH |
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox. | |||||
CVE-2018-4278 | 3 Apple, Canonical, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. | |||||
CVE-2017-13888 | 1 Apple | 1 Iphone Os | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In iOS before 11.2, a type confusion issue was addressed with improved memory handling. | |||||
CVE-2019-6219 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3. Processing a maliciously crafted message may lead to a denial of service. | |||||
CVE-2018-0691 | 6 Apple, Google, Kddi and 3 more | 6 Iphone Os, Android, \+ Message and 3 more | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
Multiple +Message Apps (Softbank +Message App for Android prior to version 10.1.7, Softbank +Message App for iOS prior to version 1.1.23, NTT DOCOMO +Message App for Android prior to version 42.40.2800, NTT DOCOMO +Message App for iOS prior to version 1.1.23, KDDI +Message App for Android prior to version 1.0.6, and KDDI +Message App for iOS prior to version 1.1.23) do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2016-7576 | 1 Apple | 1 Iphone Os | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. | |||||
CVE-2019-6213 | 1 Apple | 4 Iphone Os, Mac Os X, Tv Os and 1 more | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2018-4208 | 4 Apple, Canonical, Microsoft and 1 more | 9 Icloud, Iphone Os, Itunes and 6 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. | |||||
CVE-2018-17472 | 4 Apple, Debian, Google and 1 more | 6 Iphone Os, Debian Linux, Chrome and 3 more | 2024-02-28 | 6.8 MEDIUM | 9.6 CRITICAL |
Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page. | |||||
CVE-2018-4185 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. | |||||
CVE-2019-6206 | 1 Apple | 1 Iphone Os | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
An issue existed with autofill resuming after it was canceled. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.3. Password autofill may fill in passwords after they were manually cleared. | |||||
CVE-2017-13891 | 1 Apple | 1 Iphone Os | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management. | |||||
CVE-2019-6214 | 1 Apple | 4 Iphone Os, Mac Os X, Tv Os and 1 more | 2024-02-28 | 6.8 MEDIUM | 8.6 HIGH |
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox. | |||||
CVE-2019-6205 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes. | |||||
CVE-2019-6216 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2019-6215 | 3 Apple, Canonical, Microsoft | 8 Icloud, Iphone Os, Itunes and 5 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2018-4189 | 1 Apple | 4 Apple Tv, Iphone Os, Mac Os X and 1 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling. | |||||
CVE-2019-6200 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-02-28 | 5.8 MEDIUM | 8.8 HIGH |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. An attacker in a privileged network position may be able to execute arbitrary code. | |||||
CVE-2019-6209 | 1 Apple | 4 Iphone Os, Mac Os X, Tv Os and 1 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout. | |||||
CVE-2019-6234 | 3 Apple, Microsoft, Webkitgtk | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. |