Vulnerabilities > Apple > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-11 | CVE-2017-13891 | Improper Input Validation vulnerability in Apple Iphone OS In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management. | 6.5 |
| 2019-01-11 | CVE-2017-13886 | Unspecified vulnerability in Apple mac OS X In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. | 6.5 |
| 2019-01-11 | CVE-2016-4644 | Information Exposure vulnerability in Apple Iphone OS In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. | 6.5 |
| 2019-01-11 | CVE-2016-4643 | Information Exposure vulnerability in Apple Iphone OS In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. | 6.5 |
| 2019-01-11 | CVE-2016-4642 | 7PK - Security Features vulnerability in Apple Iphone OS In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. | 5.9 |
| 2018-11-07 | CVE-2018-16845 | nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. | 6.1 |
| 2018-08-07 | CVE-2018-5383 | Improper Verification of Cryptographic Signature vulnerability in multiple products Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. | 6.8 |
| 2018-06-08 | CVE-2018-4253 | Out-of-bounds Read vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 5.5 |
| 2018-06-08 | CVE-2018-4252 | Information Exposure vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 4.6 |
| 2018-06-08 | CVE-2018-4251 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 5.5 |