Vulnerabilities > Apple > Iphone OS > 10.3.1

DATE CVE VULNERABILITY TITLE RISK
2019-01-11 CVE-2018-4189 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling.
network
low complexity
apple CWE-119
critical
9.8
2019-01-11 CVE-2018-4185 Information Exposure vulnerability in Apple products
In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state.
network
low complexity
apple CWE-200
7.5
2019-01-11 CVE-2018-4147 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling.
network
low complexity
apple CWE-119
critical
9.8
2019-01-11 CVE-2017-2411 7PK - Security Features vulnerability in Apple Iphone OS
In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS.
network
high complexity
apple CWE-254
5.9
2019-01-11 CVE-2017-13891 Improper Input Validation vulnerability in Apple Iphone OS
In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management.
network
low complexity
apple CWE-20
6.5
2019-01-11 CVE-2017-13888 Incorrect Type Conversion or Cast vulnerability in Apple Iphone OS
In iOS before 11.2, a type confusion issue was addressed with improved memory handling.
network
low complexity
apple CWE-704
7.5
2018-08-07 CVE-2018-5383 Improper Verification of Cryptographic Signature vulnerability in multiple products
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
high complexity
google apple CWE-347
6.8
2018-06-08 CVE-2018-4252 Information Exposure vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
low complexity
apple CWE-200
4.6
2018-06-08 CVE-2018-4250 Improper Input Validation vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
network
low complexity
apple CWE-20
6.5
2018-06-08 CVE-2018-4249 Integer Overflow or Wraparound vulnerability in Apple products
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-190
7.8