# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
14751 |
CVE-2018-4338 |
20 |
|
|
2019-04-03 |
2019-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14. |
14752 |
CVE-2018-4335 |
20 |
|
|
2019-04-03 |
2019-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12. |
14753 |
CVE-2018-4333 |
20 |
|
|
2019-04-03 |
2019-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12, macOS Mojave 10.14. |
14754 |
CVE-2018-4329 |
19 |
|
|
2019-04-03 |
2019-04-07 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Clearing a history item may not clear visits with redirect chains. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12, Safari 12. |
14755 |
CVE-2018-4328 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14756 |
CVE-2018-4326 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14. |
14757 |
CVE-2018-4325 |
200 |
|
+Info |
2019-04-03 |
2019-04-04 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12. |
14758 |
CVE-2018-4324 |
732 |
|
|
2019-04-03 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
A permissions issue existed in the handling of the Apple ID. This issue was addressed with improved access controls. This issue affected versions prior to macOS Mojave 10.14. |
14759 |
CVE-2018-4323 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14760 |
CVE-2018-4322 |
20 |
|
|
2019-04-03 |
2019-04-04 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12. |
14761 |
CVE-2018-4321 |
20 |
|
|
2019-04-03 |
2019-04-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12. |
14762 |
CVE-2018-4319 |
254 |
|
|
2019-04-03 |
2019-04-05 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14763 |
CVE-2018-4318 |
416 |
|
|
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14764 |
CVE-2018-4317 |
416 |
|
|
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14765 |
CVE-2018-4316 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14766 |
CVE-2018-4315 |
416 |
|
|
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14767 |
CVE-2018-4314 |
416 |
|
|
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14768 |
CVE-2018-4313 |
20 |
|
|
2019-04-03 |
2019-04-04 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. |
14769 |
CVE-2018-4312 |
416 |
|
|
2019-04-03 |
2019-04-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14770 |
CVE-2018-4311 |
200 |
|
+Info |
2019-04-03 |
2019-04-08 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
The issue was addressed by removing origin information. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14771 |
CVE-2018-4309 |
79 |
|
XSS |
2019-04-03 |
2019-04-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14772 |
CVE-2018-4308 |
125 |
|
|
2019-04-03 |
2019-04-04 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to macOS Mojave 10.14. |
14773 |
CVE-2018-4307 |
20 |
|
|
2019-04-03 |
2019-04-04 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12. |
14774 |
CVE-2018-4306 |
416 |
|
|
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14775 |
CVE-2018-4305 |
20 |
|
|
2019-04-03 |
2019-04-04 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
Partial |
None |
An input validation issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. |
14776 |
CVE-2018-4304 |
20 |
|
DoS |
2019-04-03 |
2019-04-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. |
14777 |
CVE-2018-4303 |
20 |
|
|
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14, iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. |
14778 |
CVE-2018-4300 |
200 |
|
+Info |
2019-04-03 |
2019-09-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10. |
14779 |
CVE-2018-4299 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. |
14780 |
CVE-2018-4293 |
20 |
|
|
2019-04-03 |
2019-04-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. |
14781 |
CVE-2018-4290 |
|
|
DoS |
2019-04-03 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
A denial of service issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, watchOS 4.3.2. |
14782 |
CVE-2018-4284 |
704 |
|
|
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. |
14783 |
CVE-2018-4283 |
125 |
|
|
2019-04-03 |
2019-10-02 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6. |
14784 |
CVE-2018-4282 |
125 |
|
|
2019-04-03 |
2019-04-04 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2. |
14785 |
CVE-2018-4280 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2. |
14786 |
CVE-2018-4279 |
20 |
|
|
2019-04-03 |
2019-04-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2. |
14787 |
CVE-2018-4278 |
254 |
|
|
2019-01-11 |
2019-01-16 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. |
14788 |
CVE-2018-4277 |
20 |
|
|
2019-01-11 |
2019-01-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. |
14789 |
CVE-2018-4276 |
476 |
|
|
2019-04-03 |
2019-04-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
A null pointer dereference was addressed with improved validation. This issue affected versions prior to macOS High Sierra 10.13.6. |
14790 |
CVE-2018-4275 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1. |
14791 |
CVE-2018-4274 |
20 |
|
|
2019-04-03 |
2019-04-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2. |
14792 |
CVE-2018-4273 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. |
14793 |
CVE-2018-4272 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. |
14794 |
CVE-2018-4271 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. |
14795 |
CVE-2018-4270 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. |
14796 |
CVE-2018-4269 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. |
14797 |
CVE-2018-4267 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. |
14798 |
CVE-2018-4266 |
362 |
|
|
2019-04-03 |
2019-04-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. |
14799 |
CVE-2018-4265 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. |
14800 |
CVE-2018-4264 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-04 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. |