Vulnerabilities > Apple > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-11 CVE-2018-4278 In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin.
network
low complexity
apple canonical
4.3
4.3
2019-01-11 CVE-2018-4256 Out-of-bounds Read vulnerability in Apple mac OS X
In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.
local
low complexity
apple CWE-125
5.5
5.5
2019-01-11 CVE-2018-4255 Out-of-bounds Read vulnerability in Apple mac OS X
In macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.
local
low complexity
apple CWE-125
5.5
5.5
2019-01-11 CVE-2018-4181 In macOS High Sierra before 10.13.5, an issue existed in CUPS.
local
low complexity
apple canonical debian
5.5
5.5
2019-01-11 CVE-2018-4179 Information Exposure vulnerability in Apple mac OS X
In macOS High Sierra before 10.13.4, there was an issue with the handling of smartcard PINs.
local
low complexity
apple CWE-200
5.5
5.5
2019-01-11 CVE-2017-2411 7PK - Security Features vulnerability in Apple Iphone OS
In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS.
network
high complexity
apple CWE-254
5.9
5.9
2019-01-11 CVE-2017-13891 Improper Input Validation vulnerability in Apple Iphone OS
In iOS before 11.2, an inconsistent user interface issue was addressed through improved state management.
network
low complexity
apple CWE-20
6.5
6.5
2019-01-11 CVE-2017-13886 Unspecified vulnerability in Apple mac OS X
In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration.
network
low complexity
apple
6.5
6.5
2019-01-11 CVE-2016-4644 Information Exposure vulnerability in Apple Iphone OS
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain.
network
low complexity
apple CWE-200
6.5
6.5
2019-01-11 CVE-2016-4643 Information Exposure vulnerability in Apple Iphone OS
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses.
network
low complexity
apple CWE-200
6.5
6.5