Vulnerabilities (CVE)

Vendor filter

Apple Subscribe

Filter

4365 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-20506 2 Apple, Sqlite 7 Icloud, Itunes, Sqlite and 4 more 2019-04-17 6.8
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to...
CVE-2019-8906 4 File Project, Canonical, Opensuse and 1 more 7 File, Ubuntu Linux, Leap and 4 more 2019-04-16 6.8
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
CVE-2018-18311 7 Perl, Canonical, Debian and 4 more 16 Perl, Ubuntu Linux, Debian Linux and 13 more 2019-04-16 7.5
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVE-2018-4187 1 Apple 2 Iphone Os, Mac Os X 2019-04-12 4.3
An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to spoof the UI via a...
CVE-2018-4460 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-04-09 4.0
A denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.
CVE-2018-20505 2 Apple, Sqlite 6 Icloud, Itunes, Sqlite and 3 more 2019-04-08 5.0
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).
CVE-2018-4353 1 Apple 1 Mac Os X 2019-04-08 7.5
A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14.
CVE-2018-4412 1 Apple 6 Icloud, Itunes, Iphone Os and 3 more 2019-04-08 6.8
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.
CVE-2018-4311 1 Apple 5 Icloud, Itunes, Safari and 2 more 2019-04-08 5.8
The issue was addressed by removing origin information. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
CVE-2018-4312 1 Apple 5 Icloud, Itunes, Safari and 2 more 2019-04-08 6.8
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
CVE-2018-4371 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-04-08 6.8
An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
CVE-2018-4395 1 Apple 4 Iphone Os, Mac Os X, Tvos and 1 more 2019-04-08 2.1
This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4380 1 Apple 1 Iphone Os 2019-04-08 2.1
A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1.
CVE-2018-4310 1 Apple 2 Iphone Os, Mac Os X 2019-04-08 7.5
An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.
CVE-2018-4300 1 Apple 1 Cups 2019-04-08 4.3
The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10.
CVE-2018-4326 1 Apple 2 Iphone Os, Mac Os X 2019-04-08 6.8
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14.
CVE-2018-4329 1 Apple 2 Safari, Iphone Os 2019-04-08 5.0
Clearing a history item may not clear visits with redirect chains. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12, Safari 12.
CVE-2018-4352 1 Apple 1 Iphone Os 2019-04-08 2.1
A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions. This issue affected versions prior to iOS 12.
CVE-2016-1802 1 Apple 5 Mac Os X, Iphone Os, Watchos and 2 more 2019-03-25 4.3
CCCrypt in CommonCrypto in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 mishandles return values during key-length calculations, which allows attackers to obtain sensitive information via a crafted app.
CVE-2016-1803 1 Apple 5 Mac Os X, Iphone Os, Watchos and 2 more 2019-03-25 6.8
CoreCapture in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.