Vulnerability & Exploit Database

Displaying entries 221 - 230 of 128473 in total

OS X update for iCloud Drive (CVE-2018-4151) Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "iCloud Drive" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

OS X update for File System Events (CVE-2018-4167) Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "File System Events" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

OS X update for Disk Management (CVE-2018-4108) Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Disk Management" component. It allows attackers to trigger truncation of an APFS volume password via an unspecified injection.

OS X update for Disk Images (CVE-2018-4176) Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Disk Images" component. It allows attackers to trigger an app launch upon mounting a crafted disk image.

OS X update for CoreTypes (CVE-2017-13890) Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. macOS before 10.13 is affected. The issue involves the "CoreTypes" component. It allows remote attackers to trigger disk-image mounting via a crafted web site.

OS X update for CoreText (CVE-2018-4142) Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted string.

OS X update for CoreFoundation (CVE-2018-4158) Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

OS X update for CoreFoundation (CVE-2018-4155) Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

OS X update for CFNetwork Session (CVE-2018-4166) Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "NSURLSession" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.

OS X update for ATS (CVE-2018-4112) Vulnerability

  • Severity: 4
  • Published: April 02, 2018

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "ATS" component. It allows attackers to obtain sensitive information by leveraging symlink mishandling.