10.7.4

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-11	CVE-2018-4185	Information Exposure vulnerability in Apple products In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. network low complexity apple CWE-200	7.5
2019-01-11	CVE-2018-4183	Unspecified vulnerability in Apple mac OS X In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions. local low complexity apple	8.2
2019-01-11	CVE-2018-4182	Unspecified vulnerability in Apple mac OS X In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS. local low complexity apple	8.2
2019-01-11	CVE-2018-4181	In macOS High Sierra before 10.13.5, an issue existed in CUPS. local low complexity apple canonical debian	5.5
2019-01-11	CVE-2018-4180	In macOS High Sierra before 10.13.5, an issue existed in CUPS. local low complexity apple debian canonical	7.8
2019-01-11	CVE-2017-13887	Key Management Errors vulnerability in Apple mac OS X In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. network low complexity apple CWE-320	7.5
2019-01-11	CVE-2017-13886	Unspecified vulnerability in Apple mac OS X In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. network low complexity apple	6.5
2018-12-07	CVE-2018-18313	Out-of-bounds Read vulnerability in multiple products Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. network low complexity perl canonical debian redhat netapp apple CWE-125 critical	9.1
2018-12-07	CVE-2018-18311	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. network low complexity perl canonical debian netapp redhat apple fedoraproject mcafee CWE-190 critical	9.8
2018-08-07	CVE-2018-5383	Improper Verification of Cryptographic Signature vulnerability in multiple products Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. high complexity google apple CWE-347	6.8