Security News

CVE-2017-13834

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted mach binary.
Categories: Security News

CVE-2017-13836

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
Categories: Security News

CVE-2017-13838

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Categories: Security News

CVE-2017-13840

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
Categories: Security News

CVE-2017-13841

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
Categories: Security News

CVE-2017-13842

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
Categories: Security News

CVE-2017-13843

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Categories: Security News

CVE-2017-13844

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "Messages" component. It allows physically proximate attackers to view arbitrary photos via a Reply With Message action in the lock-screen state.
Categories: Security News

CVE-2017-13846

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
Categories: Security News

CVE-2017-13849

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted text file.
Categories: Security News

CVE-2017-13852

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to monitor arbitrary apps via a crafted app that accesses process information at a high rate.
Categories: Security News

CVE-2017-7113

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "UIKit" component. It allows attackers to bypass intended read restrictions for secure text fields via vectors involving a focus-change event.
Categories: Security News

CVE-2017-7132

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted Office document.
Categories: Security News

CVE-2017-13803

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Categories: Security News

CVE-2017-13804

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "StreamingZip" component. It allows remote attackers to write to unintended pathnames via a crafted ZIP archive.
Categories: Security News

CVE-2017-13805

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to obtain sensitive information via a Siri request for private-content notifications that should not have been available in the lock-screen state.
Categories: Security News

CVE-2017-13807

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted QuickTime file.
Categories: Security News

CVE-2017-13808

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Remote Management" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Categories: Security News

CVE-2017-13809

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "AppleScript" component. It allows remote attackers to execute arbitrary code via a crafted AppleScript file that is mishandled by osadecompile.
Categories: Security News

CVE-2017-13810

National Vulnerability Database - Sun, 11/12/2017 - 22:29
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users to obtain sensitive information by leveraging an error in packet counters.
Categories: Security News

Pages