VYPR

iOS

by Apple Inc.

CVEs (2,979)

  • CVE-2019-6210Mar 5, 2019
    Apple Inc.
    tvOS
    risk 0.00cvss epss 0.02

    A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to execute arbitrary code with kernel privileges.

  • CVE-2019-6235Mar 4, 2019
    Apple Inc.
    iTunes
    risk 0.00cvss epss 0.02

    A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.

  • CVE-2019-6206Mar 4, 2019
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    An issue existed with autofill resuming after it was canceled. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.3. Password autofill may fill in passwords after they were manually cleared.

  • CVE-2017-13888Jan 11, 2019
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    In iOS before 11.2, a type confusion issue was addressed with improved memory handling.

  • CVE-2016-4643Jan 11, 2019
    Apple Inc.
    tvOS
    risk 0.00cvss epss 0.01

    In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through improved response validation.

  • CVE-2016-4644Jan 11, 2019
    Apple Inc.
    tvOS
    risk 0.00cvss epss 0.01

    In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials.

  • CVE-2016-7576Jan 11, 2019
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.

  • CVE-2017-2411Jan 11, 2019
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.

  • CVE-2018-4278Jan 11, 2019
    Apple Inc.
    Safari
    risk 0.00cvss epss 0.02

    In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.

  • CVE-2018-4194Jan 11, 2019
    Apple Inc.
    watchOS
    risk 0.00cvss epss 0.02

    In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.

  • CVE-2018-4212Jan 11, 2019
    Apple Inc.
    Safari
    risk 0.00cvss epss 0.02

    In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.

  • CVE-2018-4213Jan 11, 2019
    Apple Inc.
    Safari
    risk 0.00cvss epss 0.02

    In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.

  • CVE-2018-4207Jan 11, 2019
    Apple Inc.
    Safari
    risk 0.00cvss epss 0.02

    In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.

  • CVE-2018-4262Jan 11, 2019
    Apple Inc.
    Safari
    risk 0.00cvss epss 0.03

    In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.

  • CVE-2018-4277Jan 11, 2019
    Apple Inc.
    tvOS
    risk 0.00cvss epss 0.02

    In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

  • CVE-2018-4209Jan 11, 2019
    Apple Inc.
    Safari
    risk 0.00cvss epss 0.02

    In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.

  • CVE-2018-4189Jan 11, 2019
    Apple Inc.
    watchOS
    risk 0.00cvss epss 0.02

    In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling.

  • CVE-2017-13891Jan 11, 2019
    Apple Inc.
    iOS
    risk 0.00cvss epss 0.01

    In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management.

  • CVE-2018-4210Jan 11, 2019
    Apple Inc.
    Safari
    risk 0.00cvss epss 0.02

    In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.

  • CVE-2018-4185Jan 11, 2019
    Apple Inc.
    macOS
    risk 0.00cvss epss 0.03

    In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.

Page 113 of 149