Filtered by vendor Apple
Subscriptions
Total
12301 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-13909 | 1 Apple | 1 Mac Os X | 2024-11-21 | 5.5 Medium |
| An issue existed in the storage of sensitive tokens. This issue was addressed by placing the tokens in Keychain. This issue is fixed in macOS High Sierra 10.13. A local attacker may gain access to iCloud authentication tokens. | ||||
| CVE-2017-13908 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.8 High |
| An issue in handling file permissions was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A local attacker may be able to execute non-executable text files via an SMB share. | ||||
| CVE-2017-13907 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.8 Medium |
| A state management issue was addressed with improved state validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan. The screen lock may unexpectedly remain unlocked. | ||||
| CVE-2017-13906 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.8 High |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A malicious application may be able to elevate privileges. | ||||
| CVE-2017-13905 | 1 Apple | 5 Iphone Os, Mac Os X, Macos and 2 more | 2024-11-21 | 8.1 High |
| A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges. | ||||
| CVE-2017-13904 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||||
| CVE-2017-13892 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.5 High |
| An issue existed in the handling of Contact sharing. This issue was addressed with improved handling of user information. This issue is fixed in macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan. Sharing contact information may lead to unexpected data sharing. | ||||
| CVE-2017-13891 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management. | ||||
| CVE-2017-13890 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. macOS before 10.13 is affected. The issue involves the "CoreTypes" component. It allows remote attackers to trigger disk-image mounting via a crafted web site. | ||||
| CVE-2017-13889 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. This was addressed with improved credential validation. | ||||
| CVE-2017-13888 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| In iOS before 11.2, a type confusion issue was addressed with improved memory handling. | ||||
| CVE-2017-13887 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management. | ||||
| CVE-2017-13886 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. This issue was addressed with additional restrictions. | ||||
| CVE-2017-13885 | 3 Apple, Canonical, Microsoft | 7 Icloud, Iphone Os, Itunes and 4 more | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-13884 | 3 Apple, Canonical, Microsoft | 8 Icloud, Iphone Os, Itunes and 5 more | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2017-13880 | 1 Apple | 2 Iphone Os, Watchos | 2024-11-21 | 7.8 High |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 11.2, watchOS 4.2. An application may be able to execute arbitrary code with kernel privilege. | ||||
| CVE-2017-13877 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Sandbox Profiles" component. It allows attackers to determine whether arbitrary files exist via a crafted app. | ||||
| CVE-2017-13873 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to obtain sensitive network-activity information about arbitrary apps via a crafted app. | ||||
| CVE-2017-13863 | 1 Apple | 1 Iphone Os | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "APNs" component. It allows man-in-the-middle attackers to track users by leveraging the transmission of client certificates. | ||||
| CVE-2017-13854 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | N/A |
| An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | ||||