iOS

CVEs (2,979)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2018-4420	Apple Inc. tvOS	—	0.01	Apr 3, 2019	A memory corruption issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
CVE-2018-4436	Apple Inc. tvOS	—	0.01	Apr 3, 2019	A certificate validation issue existed in configuration profiles. This was addressed with additional checks. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2.
CVE-2018-4425	Apple Inc. tvOS	—	0.01	Apr 3, 2019	A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4430	Apple Inc. iOS	—	0.00	Apr 3, 2019	A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1.
CVE-2018-4387	Apple Inc. iOS	—	0.00	Apr 3, 2019	A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.
CVE-2018-4401	Apple Inc. tvOS	—	0.01	Apr 3, 2019	A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4392	Apple Inc. Safari	—	0.01	Apr 3, 2019	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
CVE-2018-4388	Apple Inc. iOS	—	0.00	Apr 3, 2019	A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.1.
CVE-2018-4394	Apple Inc. tvOS	—	0.01	Apr 3, 2019	A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1.
CVE-2018-4385	Apple Inc. iOS	—	0.01	Apr 3, 2019	A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.
CVE-2018-4400	Apple Inc. watchOS	—	0.01	Apr 3, 2019	A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1.
CVE-2018-4383	Apple Inc. tvOS	—	0.01	Apr 3, 2019	A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4395	Apple Inc. macOS	—	0.00	Apr 3, 2019	This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4398	Apple Inc. tvOS	—	0.02	Apr 3, 2019	An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8.
CVE-2018-4408	Apple Inc. tvOS	—	0.01	Apr 3, 2019	A memory corruption issue was addressed with improved input validation This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4377	Apple Inc. Safari	—	0.01	Apr 3, 2019	A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
CVE-2018-4399	Apple Inc. macOS	—	0.01	Apr 3, 2019	An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4378	Apple Inc. tvOS	—	0.01	Apr 3, 2019	A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
CVE-2018-4371	Apple Inc. macOS	—	0.01	Apr 3, 2019	An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
CVE-2018-4360	Apple Inc. Safari	—	0.02	Apr 3, 2019	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

CVE-2018-4420Apr 3, 2019
Apple Inc.
tvOS
risk 0.00cvss —epss 0.01
A memory corruption issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
CVE-2018-4436Apr 3, 2019
Apple Inc.
tvOS
risk 0.00cvss —epss 0.01
A certificate validation issue existed in configuration profiles. This was addressed with additional checks. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2.
CVE-2018-4425Apr 3, 2019
Apple Inc.
tvOS
risk 0.00cvss —epss 0.01
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4430Apr 3, 2019
Apple Inc.
iOS
risk 0.00cvss —epss 0.00
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1.
CVE-2018-4387Apr 3, 2019
Apple Inc.
iOS
risk 0.00cvss —epss 0.00
A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.
CVE-2018-4401Apr 3, 2019
Apple Inc.
tvOS
risk 0.00cvss —epss 0.01
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4392Apr 3, 2019
Apple Inc.
Safari
risk 0.00cvss —epss 0.01
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
CVE-2018-4388Apr 3, 2019
Apple Inc.
iOS
risk 0.00cvss —epss 0.00
A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.1.
CVE-2018-4394Apr 3, 2019
Apple Inc.
tvOS
risk 0.00cvss —epss 0.01
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1.
CVE-2018-4385Apr 3, 2019
Apple Inc.
iOS
risk 0.00cvss —epss 0.01
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.
CVE-2018-4400Apr 3, 2019
Apple Inc.
watchOS
risk 0.00cvss —epss 0.01
A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1.
CVE-2018-4383Apr 3, 2019
Apple Inc.
tvOS
risk 0.00cvss —epss 0.01
A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4395Apr 3, 2019
Apple Inc.
macOS
risk 0.00cvss —epss 0.00
This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4398Apr 3, 2019
Apple Inc.
tvOS
risk 0.00cvss —epss 0.02
An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8.
CVE-2018-4408Apr 3, 2019
Apple Inc.
tvOS
risk 0.00cvss —epss 0.01
A memory corruption issue was addressed with improved input validation This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4377Apr 3, 2019
Apple Inc.
Safari
risk 0.00cvss —epss 0.01
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
CVE-2018-4399Apr 3, 2019
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
CVE-2018-4378Apr 3, 2019
Apple Inc.
tvOS
risk 0.00cvss —epss 0.01
A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
CVE-2018-4371Apr 3, 2019
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
CVE-2018-4360Apr 3, 2019
Apple Inc.
Safari
risk 0.00cvss —epss 0.02
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

Page 108 of 149