Month | Quarter | Year |
---|---|---|
#N/A | #N/A | #N/A |
CVE-ID | CWE-ID | Type | Score |
---|---|---|---|
CVE-2018-4403 | CWE-200 | Information Leak / Disclosure | 5.5 |
This issue was addressed by removing additional entitlements. This issue affected versions prior to macOS Mojave 10.14.1.
|
|||
CVE-2018-4395 | CWE-20 | Input Validation | 5.5 |
This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
|
|||
CVE-2018-4290 | CWE-399 | Resource Management Errors | 5.9 |
A denial of service issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, watchOS 4.3.2.
|
|||
CVE-2017-7170 | CWE-20 | Input Validation | 7.8 |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Security" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app.
|
|||
CVE-2017-7150 | CWE-284 | Improper Access Control | 5.5 |
An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "Security" component. It allows attackers to bypass the keychain access prompt, and consequently extract passwords, via a synthetic click.
|
|||
CVE-2017-6987 | CWE-200 | Information Leak / Disclosure | 5.5 |
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
|
|||
CVE-2017-6974 | CWE-20 | Input Validation | 5.5 |
An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the system-installation subsystem of the "System Integrity Protection" component. It allows attackers to modify the contents of a protected disk location via a crafted app.
|
|||
CVE-2017-13837 | CWE-254 | Security Features | 7.5 |
An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Installer" component. It does not properly restrict an app's entitlements for accessing the FileVault unlock key.
|