| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2019-9518 |
400 |
|
DoS |
2019-08-13 |
2019-08-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU. |
|
2 |
CVE-2019-9517 |
400 |
|
DoS |
2019-08-13 |
2019-08-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. |
|
3 |
CVE-2019-9516 |
400 |
|
DoS |
2019-08-13 |
2019-08-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory. |
|
4 |
CVE-2019-9515 |
400 |
|
DoS |
2019-08-13 |
2019-08-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. |
|
5 |
CVE-2019-9514 |
400 |
|
DoS |
2019-08-13 |
2019-08-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. |
|
6 |
CVE-2019-9513 |
400 |
|
DoS |
2019-08-13 |
2019-08-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. |
|
7 |
CVE-2019-9512 |
400 |
|
DoS |
2019-08-13 |
2019-08-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. |
|
8 |
CVE-2019-9511 |
400 |
|
DoS |
2019-08-13 |
2019-08-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. |
|
9 |
CVE-2019-9506 |
310 |
|
|
2019-08-14 |
2019-08-28 |
4.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
None |
|
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. |
|
10 |
CVE-2019-8906 |
125 |
|
|
2019-02-18 |
2019-04-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. |
|
11 |
CVE-2018-20506 |
190 |
|
Exec Code Overflow |
2019-04-03 |
2019-06-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346. |
|
12 |
CVE-2018-20505 |
89 |
|
DoS Sql |
2019-04-03 |
2019-06-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). |
|
13 |
CVE-2018-18313 |
125 |
|
|
2018-12-07 |
2019-09-06 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. |
|
14 |
CVE-2018-18311 |
119 |
|
Overflow |
2018-12-07 |
2019-07-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. |
|
15 |
CVE-2018-12015 |
22 |
|
Dir. Trav. Bypass |
2018-06-07 |
2019-08-06 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. |
|
16 |
CVE-2018-8897 |
362 |
|
|
2018-05-08 |
2019-10-02 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs. |
|
17 |
CVE-2018-5383 |
347 |
|
|
2018-08-07 |
2019-10-02 |
4.3 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
None |
|
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. |
|
18 |
CVE-2018-4470 |
254 |
|
|
2019-04-03 |
2019-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A privacy issue in the handling of Open Directory records was addressed with improved indexing. This issue affected versions prior to macOS High Sierra 10.13.6. |
|
19 |
CVE-2018-4465 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. |
|
20 |
CVE-2018-4464 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. |
|
21 |
CVE-2018-4463 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2. |
|
22 |
CVE-2018-4462 |
20 |
|
|
2019-04-03 |
2019-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.2. |
|
23 |
CVE-2018-4461 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. |
|
24 |
CVE-2018-4460 |
20 |
|
DoS |
2019-04-03 |
2019-04-09 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
A denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. |
|
25 |
CVE-2018-4456 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-05-14 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14. |
|
26 |
CVE-2018-4450 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2. |
|
27 |
CVE-2018-4449 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2. |
|
28 |
CVE-2018-4447 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. |
|
29 |
CVE-2018-4446 |
20 |
|
|
2019-04-03 |
2019-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.1.1. |
|
30 |
CVE-2018-4445 |
200 |
|
+Info |
2019-04-03 |
2019-04-05 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2. |
|
31 |
CVE-2018-4443 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. |
|
32 |
CVE-2018-4442 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. |
|
33 |
CVE-2018-4441 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. |
|
34 |
CVE-2018-4440 |
20 |
|
|
2019-04-03 |
2019-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. |
|
35 |
CVE-2018-4439 |
20 |
|
|
2019-04-03 |
2019-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. |
|
36 |
CVE-2018-4438 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. |
|
37 |
CVE-2018-4437 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. |
|
38 |
CVE-2018-4436 |
295 |
|
|
2019-04-03 |
2019-04-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
A certificate validation issue existed in configuration profiles. This was addressed with additional checks. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2. |
|
39 |
CVE-2018-4435 |
20 |
|
|
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. |
|
40 |
CVE-2018-4434 |
125 |
|
|
2019-04-03 |
2019-04-05 |
6.6 |
None |
Local |
Low |
Not required |
Complete |
None |
Complete |
|
An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.2. |
|
41 |
CVE-2018-4431 |
200 |
|
+Info |
2019-04-03 |
2019-04-05 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. |
|
42 |
CVE-2018-4430 |
200 |
|
+Info |
2019-04-03 |
2019-04-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1. |
|
43 |
CVE-2018-4429 |
20 |
|
|
2019-04-03 |
2019-04-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, watchOS 5.1.2. |
|
44 |
CVE-2018-4427 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to: iOS 12.1, watchOS 5.1.2, tvOS 12.1.1, macOS High Sierra 10.13.6 Security Update 2018-003 High Sierra, macOS Sierra 10.12.6 Security Update 2018-006. |
|
45 |
CVE-2018-4426 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. |
|
46 |
CVE-2018-4425 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. |
|
47 |
CVE-2018-4424 |
119 |
|
Overflow |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A buffer overflow was addressed with improved size validation. This issue affected versions prior to macOS Mojave 10.14.1. |
|
48 |
CVE-2018-4423 |
20 |
|
|
2019-04-03 |
2019-04-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A logic issue was addressed with improved validation. This issue affected versions prior to macOS Mojave 10.14.1. |
|
49 |
CVE-2018-4422 |
119 |
|
Overflow Mem. Corr. |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1. |
|
50 |
CVE-2018-4421 |
119 |
|
Overflow |
2019-04-03 |
2019-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1. |
