Total
9570 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-5106 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2024-11-21 | N/A |
| Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. This can allow style editor information used within Developer Tools to leak cross-origin. This vulnerability affects Firefox < 58. | ||||
| CVE-2018-4993 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-11-21 | N/A |
| Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an NTLM SSO hash theft vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2018-4965 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-11-21 | N/A |
| Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Memory Corruption vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2018-4925 | 4 Adobe, Apple, Google and 1 more | 5 Digital Editions, Iphone Os, Mac Os X and 2 more | 2024-11-21 | N/A |
| Adobe Digital Editions versions 4.5.7 and below have an exploitable Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2018-4861 | 1 Siemens | 2 Scalance M875, Scalance M875 Firmware | 2024-11-21 | N/A |
| A vulnerability has been identified in SCALANCE M875 (All versions). An authenticated remote attacker with access to the web interface (443/tcp), could potentially read and download arbitrary files from the device's file system. Successful exploitation requires that the attacker has network access to the web interface. The attacker must be authenticated as administrative user to exploit the security vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. | ||||
| CVE-2018-4835 | 1 Siemens | 1 Telecontrol Server Basic | 2024-11-21 | N/A |
| A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with network access to the TeleControl Server Basic's port 8000/tcp could bypass the authentication mechanism and read limited information. | ||||
| CVE-2018-4445 | 1 Apple | 2 Iphone Os, Safari | 2024-11-21 | N/A |
| "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2. | ||||
| CVE-2018-4431 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | N/A |
| A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. | ||||
| CVE-2018-4430 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1. | ||||
| CVE-2018-4403 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| This issue was addressed by removing additional entitlements. This issue affected versions prior to macOS Mojave 10.14.1. | ||||
| CVE-2018-4388 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.1. | ||||
| CVE-2018-4387 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1. | ||||
| CVE-2018-4380 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| A lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1. | ||||
| CVE-2018-4379 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1. | ||||
| CVE-2018-4355 | 1 Apple | 2 Iphone Os, Mac Os X | 2024-11-21 | N/A |
| A configuration issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14. | ||||
| CVE-2018-4352 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions. This issue affected versions prior to iOS 12. | ||||
| CVE-2018-4325 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| A logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12. | ||||
| CVE-2018-4311 | 2 Apple, Microsoft | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-11-21 | N/A |
| The issue was addressed by removing origin information. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | ||||
| CVE-2018-4300 | 2 Apple, Redhat | 2 Cups, Enterprise Linux | 2024-11-21 | N/A |
| The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10. | ||||
| CVE-2018-4289 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| An information disclosure issue was addressed by removing the vulnerable code. This issue affected versions prior to macOS High Sierra 10.13.6. | ||||