Filtered by vendor Apple
Subscribe
Search
Total
1588 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-15996 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-15995 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-15989 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-15986 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-08-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-3115 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2019-08-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an information disclosure vulnerability when handling links in a PDF document. | |||||
| CVE-2017-3118 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2019-08-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious attachments. | |||||
| CVE-2019-7963 | 3 Adobe, Apple, Microsoft | 3 Bridge Cc, Mac Os X, Windows | 2019-07-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Bridge CC version 9.0.2 and earlier versions have an out of bound read vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | |||||
| CVE-2018-6128 | 2 Apple, Google | 2 Iphone Os, Chrome | 2019-07-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Incorrect URL parsing in WebKit in Google Chrome on iOS prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |||||
| CVE-2019-5801 | 2 Apple, Google | 2 Iphone Os, Chrome | 2019-06-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | |||||
| CVE-2019-7133 | 3 Adobe, Apple, Microsoft | 3 Bridge Cc, Mac Os X, Windows | 2019-05-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7134 | 3 Adobe, Apple, Microsoft | 3 Bridge Cc, Mac Os X, Windows | 2019-05-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7135 | 3 Adobe, Apple, Microsoft | 3 Bridge Cc, Mac Os X, Windows | 2019-05-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7138 | 3 Adobe, Apple, Microsoft | 3 Bridge Cc, Mac Os X, Windows | 2019-05-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2019-7136 | 3 Adobe, Apple, Microsoft | 3 Bridge Cc, Mac Os X, Windows | 2019-05-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Bridge CC versions 9.0.2 have an use after free vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2017-6975 | 1 Apple | 1 Iphone Os | 2019-05-14 | 7.2 HIGH | 6.8 MEDIUM |
| Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom firmware functions, there is a separate CVE ID for the operating-system behavior. | |||||
| CVE-2017-7064 | 2 Apple, Microsoft | 5 Icloud, Iphone Os, Itunes and 2 more | 2019-05-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | |||||
| CVE-2017-7011 | 1 Apple | 2 Iphone Os, Safari | 2019-05-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site that uses FRAME elements. | |||||
| CVE-2018-4187 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to spoof the UI via a crafted URL in a text message. | |||||
| CVE-2018-4460 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| A denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. | |||||
| CVE-2018-4395 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-08 | 2.1 LOW | 5.5 MEDIUM |
| This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4380 | 1 Apple | 1 Iphone Os | 2019-04-08 | 2.1 LOW | 5.5 MEDIUM |
| A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1. | |||||
| CVE-2018-4429 | 1 Apple | 2 Iphone Os, Watchos | 2019-04-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, watchOS 5.1.2. | |||||
| CVE-2018-4333 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12, macOS Mojave 10.14. | |||||
| CVE-2018-4335 | 1 Apple | 1 Iphone Os | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12. | |||||
| CVE-2018-4445 | 1 Apple | 2 Iphone Os, Safari | 2019-04-05 | 4.0 MEDIUM | 4.3 MEDIUM |
| "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2. | |||||
| CVE-2018-4462 | 1 Apple | 1 Mac Os X | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.2. | |||||
| CVE-2018-4195 | 1 Apple | 1 Safari | 2019-04-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 12. | |||||
| CVE-2018-4439 | 2 Apple, Microsoft | 5 Icloud, Iphone Os, Itunes and 2 more | 2019-04-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | |||||
| CVE-2018-4440 | 2 Apple, Microsoft | 5 Icloud, Iphone Os, Itunes and 2 more | 2019-04-05 | 4.3 MEDIUM | 4.3 MEDIUM |
| A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | |||||
| CVE-2018-4362 | 1 Apple | 2 Iphone Os, Safari | 2019-04-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2, iOS 12. | |||||
| CVE-2018-4409 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-04-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | |||||
| CVE-2018-4368 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 4.0 MEDIUM | 6.5 MEDIUM |
| A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1. | |||||
| CVE-2018-4413 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 7.1 HIGH | 5.5 MEDIUM |
| A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1. | |||||
| CVE-2018-4403 | 1 Apple | 1 Mac Os X | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed by removing additional entitlements. This issue affected versions prior to macOS Mojave 10.14.1. | |||||
| CVE-2018-4399 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | |||||
| CVE-2018-4389 | 1 Apple | 1 Mac Os X | 2019-04-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to macOS Mojave 10.14.1. | |||||
| CVE-2018-4431 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-04-05 | 4.9 MEDIUM | 5.5 MEDIUM |
| A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. | |||||
| CVE-2018-4388 | 1 Apple | 1 Iphone Os | 2019-04-05 | 2.1 LOW | 4.6 MEDIUM |
| A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.1. | |||||
| CVE-2018-4397 | 1 Apple | 2 Apple Support, Iphone Os | 2019-04-05 | 4.0 MEDIUM | 4.3 MEDIUM |
| Analytics data was sent using HTTP rather than HTTPS. This was addressed by sending analytics data using HTTPS. This issue affected versions prior to Apple Support 2.4 for iOS. | |||||
| CVE-2018-4355 | 1 Apple | 2 Iphone Os, Mac Os X | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A configuration issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14. | |||||
| CVE-2018-4363 | 1 Apple | 3 Iphone Os, Tvos, Watchos | 2019-04-05 | 7.1 HIGH | 5.5 MEDIUM |
| An input validation issue existed in the kernel. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. | |||||
| CVE-2018-4374 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-04-05 | 4.3 MEDIUM | 6.1 MEDIUM |
| A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | |||||
| CVE-2018-4293 | 2 Apple, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2019-04-05 | 5.0 MEDIUM | 5.3 MEDIUM |
| A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | |||||
| CVE-2018-4385 | 1 Apple | 1 Iphone Os | 2019-04-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1. | |||||
| CVE-2018-4377 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2019-04-05 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | |||||
| CVE-2018-4396 | 1 Apple | 1 Mac Os X | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14. | |||||
| CVE-2018-4417 | 1 Apple | 1 Mac Os X | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14. | |||||
| CVE-2018-4418 | 1 Apple | 1 Mac Os X | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14. | |||||
| CVE-2018-4400 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2019-04-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1. | |||||
| CVE-2018-4379 | 1 Apple | 1 Iphone Os | 2019-04-05 | 2.1 LOW | 5.5 MEDIUM |
| A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1. | |||||