iOS

CVEs (2,979)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2018-4092	Apple Inc. macOS	—	0.01	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to bypass intended…
CVE-2018-4096	Apple Inc. Safari	—	0.02	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS…
CVE-2018-4134	Apple Inc. iOS	—	0.02	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the user interface via a crafted web site.
CVE-2017-6976	Apple Inc. iOS	—	0.01	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to bypass intended access restrictions (for iCloud user records) via a crafted app.
CVE-2017-13884	Apple Inc. Safari	—	0.03	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue…
CVE-2017-7171	Apple Inc. macOS	—	0.01	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CoreAnimation" component. It allows attackers to execute arbitrary code in a…
CVE-2017-13877	Apple Inc. iOS	—	0.01	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to determine whether arbitrary files exist via a crafted app.
CVE-2017-13806	Apple Inc. iOS	—	0.01	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Profiles" component. It does not enforce the configuration profile's settings for whether pairings are allowed.
CVE-2018-4137	Apple Inc. Safari	—	0.02	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. The issue involves the "Safari Login AutoFill" component. It allows remote attackers to read autofilled data by leveraging lack of a user-confirmation requirement.
CVE-2018-4125	Apple Inc. Safari	—	0.02	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves…
CVE-2018-4127	Apple Inc. Safari	—	0.02	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It…
CVE-2018-4158	Apple Inc. macOS	—	0.01	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privileged…
CVE-2018-4109	Apple Inc. tvOS	—	0.01	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause…
CVE-2018-4128	Apple Inc. Safari	—	0.02	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It…
CVE-2018-4157	Apple Inc. macOS	—	0.01	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Quick Look" component. A race condition allows attackers to execute arbitrary…
CVE-2018-4165	Apple Inc. Safari	—	0.02	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It…
CVE-2018-4110	Apple Inc. iOS	—	0.04	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Web App" component. It allows remote attackers to bypass intended restrictions on cookie persistence.
CVE-2017-7075	Apple Inc. iOS	—	0.00	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Notes" component. It allows local users to obtain sensitive information by reading search results that contain locked-note content.
CVE-2017-2492	Apple Inc. Safari	—	0.01	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "JavaScriptCore" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web…
CVE-2018-4161	Apple Inc. Safari	—	0.02	Apr 3, 2018	An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves…

CVE-2018-4092Apr 3, 2018
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to bypass intended…
CVE-2018-4096Apr 3, 2018
Apple Inc.
Safari
risk 0.00cvss —epss 0.02
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. iCloud before 7.3 on Windows is affected. iTunes before 12.7.3 on Windows is affected. tvOS before 11.2.5 is affected. watchOS…
CVE-2018-4134Apr 3, 2018
Apple Inc.
iOS
risk 0.00cvss —epss 0.02
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the user interface via a crafted web site.
CVE-2017-6976Apr 3, 2018
Apple Inc.
iOS
risk 0.00cvss —epss 0.01
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to bypass intended access restrictions (for iCloud user records) via a crafted app.
CVE-2017-13884Apr 3, 2018
Apple Inc.
Safari
risk 0.00cvss —epss 0.03
An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue…
CVE-2017-7171Apr 3, 2018
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CoreAnimation" component. It allows attackers to execute arbitrary code in a…
CVE-2017-13877Apr 3, 2018
Apple Inc.
iOS
risk 0.00cvss —epss 0.01
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to determine whether arbitrary files exist via a crafted app.
CVE-2017-13806Apr 3, 2018
Apple Inc.
iOS
risk 0.00cvss —epss 0.01
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Profiles" component. It does not enforce the configuration profile's settings for whether pairings are allowed.
CVE-2018-4137Apr 3, 2018
Apple Inc.
Safari
risk 0.00cvss —epss 0.02
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. The issue involves the "Safari Login AutoFill" component. It allows remote attackers to read autofilled data by leveraging lack of a user-confirmation requirement.
CVE-2018-4125Apr 3, 2018
Apple Inc.
Safari
risk 0.00cvss —epss 0.02
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves…
CVE-2018-4127Apr 3, 2018
Apple Inc.
Safari
risk 0.00cvss —epss 0.02
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It…
CVE-2018-4158Apr 3, 2018
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privileged…
CVE-2018-4109Apr 3, 2018
Apple Inc.
tvOS
risk 0.00cvss —epss 0.01
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause…
CVE-2018-4128Apr 3, 2018
Apple Inc.
Safari
risk 0.00cvss —epss 0.02
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It…
CVE-2018-4157Apr 3, 2018
Apple Inc.
macOS
risk 0.00cvss —epss 0.01
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Quick Look" component. A race condition allows attackers to execute arbitrary…
CVE-2018-4165Apr 3, 2018
Apple Inc.
Safari
risk 0.00cvss —epss 0.02
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It…
CVE-2018-4110Apr 3, 2018
Apple Inc.
iOS
risk 0.00cvss —epss 0.04
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Web App" component. It allows remote attackers to bypass intended restrictions on cookie persistence.
CVE-2017-7075Apr 3, 2018
Apple Inc.
iOS
risk 0.00cvss —epss 0.00
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Notes" component. It allows local users to obtain sensitive information by reading search results that contain locked-note content.
CVE-2017-2492Apr 3, 2018
Apple Inc.
Safari
risk 0.00cvss —epss 0.01
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "JavaScriptCore" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web…
CVE-2018-4161Apr 3, 2018
Apple Inc.
Safari
risk 0.00cvss —epss 0.02
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves…

Page 118 of 149