Max CVSS 10.0 Min CVSS 1.9 Total Count59
IDCVSSSummaryLast (major) updatePublished
CVE-2018-4425 9.3
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4423 6.8
A logic issue was addressed with improved validation. This issue affected versions prior to macOS Mojave 10.14.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4422 9.3
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4420 9.3
A memory corruption issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4419 9.3
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4417 4.3
A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4415 9.3
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4413 7.1
A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4412 6.8
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4411 6.8
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4410 9.3
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4408 9.3
A memory corruption issue was addressed with improved input validation This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4407 6.5
A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4406 4.0
A denial of service issue was addressed with improved validation. This issue affected versions prior to macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4402 9.3
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4401 9.3
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4400 4.3
A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4398 5.0
An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCl
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4395 2.1
This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4394 6.8
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4393 9.3
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4371 6.8
An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4368 4.0
A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4348 2.1
A validation issue was addressed with improved logic. This issue affected versions prior to macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4346 4.3
A validation issue existed which allowed local file access. This was addressed with input sanitization. This issue affected versions prior to macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4341 6.8
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4340 9.3
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4334 9.3
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4331 10.0
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4326 6.8
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4310 7.5
An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4308 4.3
An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4304 4.3
A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4295 7.5
An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4291 10.0
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4288 10.0
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4287 10.0
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4286 10.0
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4259 10.0
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4203 5.0
An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4153 4.3
An injection issue was addressed with improved validation. This issue affected versions prior to macOS Mojave 10.14.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-4126 9.3
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.
03-04-2019 - 14:29 03-04-2019 - 14:29
CVE-2018-3646 4.7
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fau
14-08-2018 - 15:29 14-08-2018 - 15:29
CVE-2018-4242 9.3
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Hypervisor" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption)
08-06-2018 - 14:29 08-06-2018 - 14:29
CVE-2018-3640 4.7
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue Sy
22-05-2018 - 08:29 22-05-2018 - 08:29
CVE-2018-6797 7.5
An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.
17-04-2018 - 16:29 17-04-2018 - 16:29
CVE-2018-8780 7.5
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the corresponding method, unintentional director
03-04-2018 - 18:29 03-04-2018 - 18:29
CVE-2018-8779 5.0
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. It may be connected to an unintended socket.
03-04-2018 - 18:29 03-04-2018 - 18:29
CVE-2018-8778 5.0
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer under-read in the String#unpack method
03-04-2018 - 18:29 03-04-2018 - 18:29
CVE-2018-8777 5.0
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of
03-04-2018 - 18:29 03-04-2018 - 18:29
CVE-2018-6914 5.0
Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files vi
03-04-2018 - 18:29 03-04-2018 - 18:29
CVE-2017-17742 5.0
Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick.
03-04-2018 - 18:29 03-04-2018 - 18:29
CVE-2017-17405 9.3
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command followi
15-12-2017 - 04:29 15-12-2017 - 04:29
CVE-2017-12618 1.9
Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make
23-10-2017 - 21:29 23-10-2017 - 21:29
CVE-2017-12613 3.6
When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially r
23-10-2017 - 21:29 23-10-2017 - 21:29
CVE-2017-14033 5.0
The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows attackers to cause a denial of service (interpreter crash) via a crafted string.
19-09-2017 - 13:29 19-09-2017 - 13:29
CVE-2017-10784 9.3
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted
19-09-2017 - 13:29 19-09-2017 - 13:29
CVE-2017-0898 6.4
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information discl
15-09-2017 - 15:29 15-09-2017 - 15:29
CVE-2017-14064 7.5
Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning
31-08-2017 - 13:29 31-08-2017 - 13:29
Back to Top Mark selected
Back to Top