| Month | Quarter | Year |
|---|---|---|
| #171 | #N/A | #N/A |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2018-4935 | CWE-787 | Out-of-bounds Write | 9.8 |
|
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
|
|||
| CVE-2018-4934 | CWE-125 | Out-of-bounds Read | 7.5 |
|
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
|
|||
| CVE-2018-4384 | CWE-119 | Buffer Errors | 7.8 |
|
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, watchOS 5.1.
|
|||
| CVE-2018-4367 | CWE-119 | Buffer Errors | 9.8 |
|
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.
|
|||
| CVE-2018-4366 | CWE-399 | Resource Management Errors | 7.5 |
|
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.
|
|||
| CVE-2018-4222 | CWE-125 | Out-of-bounds Read | 8.8 |
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a getWasmBufferFromValue out-of-bounds read during WebAssembly compilation.
|
|||
| CVE-2018-4218 | CWE-119 | Buffer Errors | 8.8 |
|
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free.
|
|||
| CVE-2018-4121 | CWE-119 | Buffer Errors | 8.8 |
|
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
|
|||
| CVE-2018-12827 | CWE-125 | Out-of-bounds Read | 7.5 |
|
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
|
|||
| CVE-2017-8657 | CWE-119 | Buffer Errors | 7.5 |
|
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.
|
|||