# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2018-4404 |
119 |
|
Overflow Mem. Corr. |
2019-01-11 |
2019-01-23 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corruption issue exists and was addressed with improved memory handling. |
2 |
CVE-2018-4330 |
119 |
|
Overflow Mem. Corr. |
2019-01-11 |
2019-01-23 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling. |
3 |
CVE-2018-4298 |
275 |
|
|
2019-01-11 |
2019-01-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a permissions issue existed in Remote Management. This issue was addressed through improved permission validation. |
4 |
CVE-2018-4258 |
119 |
|
Overflow |
2019-01-11 |
2019-01-16 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved bounds checking. |
5 |
CVE-2018-4257 |
119 |
|
Overflow |
2019-01-11 |
2019-01-16 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In macOS High Sierra before 10.13.5, a buffer overflow was addressed with improved size validation. |
6 |
CVE-2018-4254 |
20 |
|
|
2019-01-11 |
2019-01-16 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In macOS High Sierra before 10.13.5, an input validation issue existed in the kernel. This issue was addressed with improved input validation. |
7 |
CVE-2018-4249 |
190 |
|
DoS Exec Code Overflow |
2018-06-08 |
2018-07-17 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app. |
8 |
CVE-2018-4243 |
119 |
|
Exec Code Overflow |
2018-06-08 |
2018-07-17 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app. |
9 |
CVE-2018-4242 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-06-08 |
2018-10-31 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Hypervisor" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
10 |
CVE-2018-4241 |
119 |
|
Exec Code Overflow |
2018-06-08 |
2018-07-17 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary code in a privileged context via a crafted app. |
11 |
CVE-2018-4236 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-06-08 |
2018-07-13 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOGraphics" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
12 |
CVE-2018-4234 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-06-08 |
2018-07-13 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
13 |
CVE-2018-4229 |
254 |
|
Bypass |
2018-06-08 |
2018-07-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Grand Central Dispatch" component. It allows attackers to bypass a sandbox protection mechanism by leveraging the misparsing of entitlement plists. |
14 |
CVE-2018-4196 |
284 |
|
Exec Code +Info |
2018-06-08 |
2018-07-13 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a privileged context or obtain sensitive information via a crafted app. |
15 |
CVE-2018-4193 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-06-08 |
2018-07-13 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
16 |
CVE-2018-4189 |
119 |
|
Overflow Mem. Corr. |
2019-01-11 |
2019-01-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling. |
17 |
CVE-2018-4169 |
125 |
|
|
2019-01-11 |
2019-01-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, an out-of-bounds read was addressed with improved input validation. |
18 |
CVE-2018-4164 |
|
|
|
2018-04-03 |
2018-05-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. Xcode before 9.3 is affected. The issue, which is unspecified, involves the "LLVM" component. |
19 |
CVE-2018-4160 |
125 |
|
DoS Exec Code |
2018-04-03 |
2018-05-04 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app. |
20 |
CVE-2018-4150 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
21 |
CVE-2018-4144 |
119 |
|
Exec Code Overflow |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Security" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app. |
22 |
CVE-2018-4143 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
23 |
CVE-2018-4139 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-05-02 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "kext tools" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
24 |
CVE-2018-4136 |
125 |
|
DoS Exec Code |
2018-04-03 |
2018-05-04 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app. |
25 |
CVE-2018-4135 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
26 |
CVE-2018-4132 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
27 |
CVE-2018-4124 |
119 |
|
DoS Overflow Mem. Corr. |
2018-04-03 |
2018-05-15 |
9.0 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2.6 is affected. macOS before 10.13.3 Supplemental Update is affected. tvOS before 11.2.6 is affected. watchOS before 4.2.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a crafted string containing a certain Telugu character. |
28 |
CVE-2018-4109 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
29 |
CVE-2018-4098 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
30 |
CVE-2018-4097 |
20 |
|
Exec Code |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. |
31 |
CVE-2018-4095 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
32 |
CVE-2018-4087 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
33 |
CVE-2018-4083 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Touch Bar Support" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
34 |
CVE-2018-4082 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
35 |
CVE-2017-13904 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
36 |
CVE-2017-13883 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-12-25 |
2017-12-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
37 |
CVE-2017-13879 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-12-25 |
2017-12-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "IOMobileFrameBuffer" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
38 |
CVE-2017-13876 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-12-25 |
2017-12-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
39 |
CVE-2017-13875 |
125 |
|
DoS Exec Code |
2017-12-25 |
2017-12-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read) via a crafted app. |
40 |
CVE-2017-13872 |
287 |
|
|
2017-11-29 |
2017-12-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry of the root user name. |
41 |
CVE-2017-13867 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-12-25 |
2017-12-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
42 |
CVE-2017-13862 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-12-25 |
2017-12-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
43 |
CVE-2017-13861 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-12-25 |
2017-12-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOSurface" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
44 |
CVE-2017-13858 |
20 |
|
Exec Code |
2017-12-25 |
2017-12-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. |
45 |
CVE-2017-13854 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
46 |
CVE-2017-13853 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2018-04-03 |
2018-04-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "AppleGraphicsControl" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
47 |
CVE-2017-13848 |
20 |
|
Exec Code |
2017-12-25 |
2017-12-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. |
48 |
CVE-2017-13847 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-12-25 |
2017-12-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "IOKit" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |
49 |
CVE-2017-13846 |
|
|
DoS |
2017-11-12 |
2017-11-28 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. |
50 |
CVE-2017-13843 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2017-11-12 |
2017-11-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. |