CVE-2018-4262
- EPSS 2.57%
- Veröffentlicht 11.01.2019 18:29:02
- Zuletzt bearbeitet 21.11.2024 04:07:04
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.
CVE-2018-4278
- EPSS 2.28%
- Veröffentlicht 11.01.2019 18:29:02
- Zuletzt bearbeitet 21.11.2024 04:07:06
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tr...
CVE-2018-4180
- EPSS 0.45%
- Veröffentlicht 11.01.2019 18:29:01
- Zuletzt bearbeitet 21.11.2024 04:06:55
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
CVE-2018-4181
- EPSS 0.45%
- Veröffentlicht 11.01.2019 18:29:01
- Zuletzt bearbeitet 21.11.2024 04:06:55
In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.
CVE-2018-4207
- EPSS 2.05%
- Veröffentlicht 11.01.2019 18:29:01
- Zuletzt bearbeitet 21.11.2024 04:06:58
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
CVE-2018-4208
- EPSS 2.06%
- Veröffentlicht 11.01.2019 18:29:01
- Zuletzt bearbeitet 21.11.2024 04:06:58
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
CVE-2018-4209
- EPSS 2.06%
- Veröffentlicht 11.01.2019 18:29:01
- Zuletzt bearbeitet 21.11.2024 04:06:58
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
CVE-2019-6133
- EPSS 0.45%
- Veröffentlicht 11.01.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:46:00
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendin...
CVE-2019-6128
- EPSS 3.87%
- Veröffentlicht 11.01.2019 05:29:01
- Zuletzt bearbeitet 21.11.2024 04:45:59
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
CVE-2018-20685
- EPSS 3.68%
- Veröffentlicht 10.01.2019 21:29:00
- Zuletzt bearbeitet 17.12.2025 22:15:55
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.