The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2018-4324 | A permissions issue existed in the handling of the Apple ID. This issue was addressed with improved access controls. This issue affected versions prior to macOS Mojave 10.14. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4323 | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4322 | This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12. | LOW | Apr 4, 2019 |
| CVE-2018-4321 | A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4319 | A cross-origin issue existed with \"iframe\" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 5, 2019 |
| CVE-2018-4318 | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 5, 2019 |
| CVE-2018-4317 | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 5, 2019 |
| CVE-2018-4316 | A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4315 | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 5, 2019 |
| CVE-2018-4314 | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 5, 2019 |
| CVE-2018-4313 | A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. | LOW | Apr 4, 2019 |
| CVE-2018-4312 | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 8, 2019 |
| CVE-2018-4311 | The issue was addressed by removing origin information. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 8, 2019 |
| CVE-2018-4310 | An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14. | HIGH | Apr 8, 2019 |
| CVE-2018-4309 | A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4308 | An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to macOS Mojave 10.14. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4307 | A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4306 | A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4305 | An input validation issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5. | LOW | Apr 4, 2019 |
| CVE-2018-4304 | A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4303 | An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14, iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4302 | A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution. | MEDIUM | Dec 23, 2021 |
| CVE-2018-4300 | The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10. | Medium | Apr 8, 2019 |
| CVE-2018-4299 | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4298 | In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a permissions issue existed in Remote Management. This issue was addressed through improved permission validation. | HIGH | Jan 11, 2019 |
| CVE-2018-4296 | This issue is fixed in macOS Mojave 10.14. A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks. | HIGH | Oct 27, 2020 |
| CVE-2018-4295 | An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14. | HIGH | Apr 4, 2019 |
| CVE-2018-4293 | A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | MEDIUM | Apr 5, 2019 |
| CVE-2018-4291 | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6. | HIGH | Apr 4, 2019 |
| CVE-2018-4290 | A denial of service issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, watchOS 4.3.2. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4289 | An information disclosure issue was addressed by removing the vulnerable code. This issue affected versions prior to macOS High Sierra 10.13.6. | HIGH | Apr 4, 2019 |
| CVE-2018-4288 | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6. | HIGH | Apr 4, 2019 |
| CVE-2018-4287 | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6. | HIGH | Apr 4, 2019 |
| CVE-2018-4286 | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6. | HIGH | Apr 4, 2019 |
| CVE-2018-4285 | A type confusion issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6. | HIGH | Apr 4, 2019 |
| CVE-2018-4284 | A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4283 | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4282 | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4281 | In SwiftNIO before 1.8.0, a buffer overflow was addressed with improved size validation. | HIGH | Jan 11, 2019 |
| CVE-2018-4280 | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2. | MEDIUM | Apr 5, 2019 |
| CVE-2018-4279 | An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4278 | In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. | MEDIUM | Jan 12, 2019 |
| CVE-2018-4277 | In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. | MEDIUM | Jan 12, 2019 |
| CVE-2018-4276 | A null pointer dereference was addressed with improved validation. This issue affected versions prior to macOS High Sierra 10.13.6. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4275 | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4274 | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4273 | Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4272 | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4271 | Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | MEDIUM | Apr 4, 2019 |
| CVE-2018-4270 | A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6. | MEDIUM | Apr 4, 2019 |
