Search Results (4476 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-4451 1 Apple 1 Mac Os X 2024-11-21 7.8 High
This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation.
CVE-2018-4428 1 Apple 1 Iphone Os 2024-11-21 7.1 High
A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 12.1.1. A local attacker may be able to share items from the lock screen.
CVE-2018-4404 1 Apple 3 Iphone Os, Mac Os X, Macos 2024-11-21 8.8 High
In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corruption issue exists and was addressed with improved memory handling.
CVE-2018-4302 1 Apple 5 Icloud, Iphone Os, Itunes and 2 more 2024-11-21 7.8 High
A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.
CVE-2018-4296 1 Apple 1 Mac Os X 2024-11-21 9.8 Critical
This issue is fixed in macOS Mojave 10.14. A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks.
CVE-2018-4233 3 Apple, Canonical, Microsoft 8 Icloud, Iphone Os, Itunes and 5 more 2024-11-21 8.8 High
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-1785 2 Apple, Ibm 3 Macos, Spectrum Protect Client, Spectrum Protect For Virtual Environments 2024-11-21 7.5 High
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870.
CVE-2018-1545 2 Apple, Ibm 3 Macos, Spectrum Protect Client, Spectrum Protect For Virtual Environments 2024-11-21 7.5 High
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 142649.
CVE-2018-19725 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more 2024-11-21 9.8 Critical
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation.
CVE-2018-16844 5 Apple, Canonical, Debian and 2 more 5 Xcode, Ubuntu Linux, Debian Linux and 2 more 2024-11-21 7.5 High
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.
CVE-2018-16843 6 Apple, Canonical, Debian and 3 more 6 Xcode, Ubuntu Linux, Debian Linux and 3 more 2024-11-21 7.5 High
nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.
CVE-2018-16229 7 Apple, Debian, F5 and 4 more 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more 2024-11-21 7.5 High
The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
CVE-2018-16227 6 Apple, Debian, Fedoraproject and 3 more 6 Mac Os X, Debian Linux, Fedora and 3 more 2024-11-21 7.5 High
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.
CVE-2018-14880 7 Apple, Debian, F5 and 4 more 23 Mac Os X, Debian Linux, Big-ip Access Policy Manager and 20 more 2024-11-21 7.5 High
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().
CVE-2018-14469 7 Apple, Debian, F5 and 4 more 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more 2024-11-21 7.5 High
The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
CVE-2018-14466 6 Apple, Debian, Fedoraproject and 3 more 6 Mac Os X, Debian Linux, Fedora and 3 more 2024-11-21 7.5 High
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().
CVE-2018-14464 6 Apple, Debian, Fedoraproject and 3 more 6 Mac Os X, Debian Linux, Fedora and 3 more 2024-11-21 7.5 High
The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().
CVE-2018-14463 7 Apple, Debian, F5 and 4 more 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more 2024-11-21 7.5 High
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.
CVE-2017-2488 1 Apple 1 Remote Desktop 2024-11-21 7.5 High
A cryptographic weakness existed in the authentication protocol of Remote Desktop. This issue was addressed by implementing the Secure Remote Password authentication protocol. This issue is fixed in Apple Remote Desktop 3.9. An attacker may be able to capture cleartext passwords.
CVE-2017-13908 1 Apple 1 Mac Os X 2024-11-21 7.8 High
An issue in handling file permissions was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A local attacker may be able to execute non-executable text files via an SMB share.