Apple tvOS vulnerabilities

CVE-2018-4420 [HIGH] CWE-119 CVE-2018-4420: A memory corruption issue was addressed by removing the vulnerable code. This issue affected version A memory corruption issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

CVE-2018-4427 [HIGH] CWE-119 CVE-2018-4427: A memory corruption issue was addressed with improved memory handling. This issue affected versions A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to: iOS 12.1, watchOS 5.1.2, tvOS 12.1.1, macOS High Sierra 10.13.6 Security Update 2018-003 High Sierra, macOS Sierra 10.12.6 Security Update 2018-006.

CVE-2018-4408 [HIGH] CWE-119 CVE-2018-4408: A memory corruption issue was addressed with improved input validation This issue affected versions A memory corruption issue was addressed with improved input validation This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

CVE-2018-4447 [HIGH] CWE-119 CVE-2018-4447: A memory corruption issue was addressed with improved state management. This issue affected versions A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.

CVE-2018-4303 [HIGH] CWE-20 CVE-2018-4303: An input validation issue was addressed with improved input validation. This issue affected versions An input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14, iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.

CVE-2018-4145 [HIGH] CWE-119 CVE-2018-4145: Multiple memory corruption issues were addressed with improved memory handling. This issue affected Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.3, tvOS 11.3, watchOS 4.3, Safari 11.1, iTunes 12.7.4 for Windows, iCloud for Windows 7.4.

CVE-2018-4282 [MEDIUM] CWE-125 CVE-2018-4282: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2.

CVE-2018-4345 [MEDIUM] CWE-79 CVE-2018-4345: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validatio A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

CVE-2018-4413 [MEDIUM] CWE-119 CVE-2018-4413: A memory initialization issue was addressed with improved memory handling. This issue affected versi A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

CVE-2018-4395 [MEDIUM] CWE-20 CVE-2018-4395: This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS M This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

CVE-2018-4460 [MEDIUM] CWE-20 CVE-2018-4460: A denial of service issue was addressed by removing the vulnerable code. This issue affected version A denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.

CVE-2018-4409 [MEDIUM] CWE-400 CVE-2018-4409: A resource exhaustion issue was addressed with improved input validation. This issue affected versio A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

CVE-2018-4368 [MEDIUM] CWE-20 CVE-2018-4368: A denial of service issue was addressed with improved validation. This issue affected versions prior A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

CVE-2018-4305 [MEDIUM] CWE-20 CVE-2018-4305: An input validation issue was addressed with improved input validation. This issue affected versions An input validation issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5.

CVE-2018-4399 [MEDIUM] CWE-20 CVE-2018-4399: An access issue existed with privileged API calls. This issue was addressed with additional restrict An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

CVE-2018-4270 [MEDIUM] CWE-119 CVE-2018-4270: A memory corruption issue was addressed with improved memory handling. This issue affected versions A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVE-2018-4273 [MEDIUM] CWE-119 CVE-2018-4273: Multiple memory corruption issues were addressed with improved input validation. This issue affected Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVE-2018-4271 [MEDIUM] CWE-119 CVE-2018-4271: Multiple memory corruption issues were addressed with improved input validation. This issue affected Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVE-2018-4363 [MEDIUM] CWE-20 CVE-2018-4363: An input validation issue existed in the kernel. This issue was addressed with improved input valida An input validation issue existed in the kernel. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5.

CVE-2018-4431 [MEDIUM] CWE-200 CVE-2018-4431: A memory initialization issue was addressed with improved memory handling. This issue affected versi A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.