Vulnerabilities > Apple > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-11 | CVE-2017-13886 | Unspecified vulnerability in Apple mac OS X In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. | 4.0 |
| 2019-01-11 | CVE-2016-4644 | Information Exposure vulnerability in Apple TV, Iphone OS and mac OS In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. | 4.0 |
| 2019-01-11 | CVE-2016-4643 | Information Exposure vulnerability in Apple TV, Iphone OS and mac OS In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. | 4.0 |
| 2019-01-11 | CVE-2016-4642 | 7PK - Security Features vulnerability in Apple TV, Iphone OS and mac OS In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. | 4.3 |
| 2018-11-29 | CVE-2018-15978 | Out-of-bounds Read vulnerability in multiple products Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. | 5.0 |
| 2018-11-15 | CVE-2018-0691 | Improper Certificate Validation vulnerability in multiple products Multiple +Message Apps (Softbank +Message App for Android prior to version 10.1.7, Softbank +Message App for iOS prior to version 1.1.23, NTT DOCOMO +Message App for Android prior to version 42.40.2800, NTT DOCOMO +Message App for iOS prior to version 1.1.23, KDDI +Message App for Android prior to version 1.0.6, and KDDI +Message App for iOS prior to version 1.1.23) do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 4.3 |
| 2018-11-07 | CVE-2018-16845 | Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. | 5.8 |
| 2018-10-12 | CVE-2018-15968 | Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. | 4.3 |
| 2018-10-12 | CVE-2018-15956 | Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. | 4.3 |
| 2018-10-12 | CVE-2018-15953 | Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. | 4.3 |