| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Mail" component. It allows remote attackers to read cleartext e-mail content (for which S/MIME encryption was intended) by leveraging the lack of installation of an S/MIME certificate by the recipient. |
| An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. The issue involves the "Mail Drafts" component. It allows man-in-the-middle attackers to read e-mail content by leveraging mishandling of S/MIME credential encryption. |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions before 8.40 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. |
| A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36591008. |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to have an unspecified impact by leveraging TLS 1.0 support. |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Fonts" component. It allows remote attackers to spoof the user interface via crafted text. |
| An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions before 5.31 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. |
| A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36588422. |
| A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37208566. |
| An elevation of privilege vulnerability in the kernel edl. Product: Android. Versions: Android kernel. Android ID A-63100473. |
| An elevation of privilege vulnerability in the MediaTek system server. Product: Android. Versions: Android kernel. Android ID A-28067350. References: M-ALPS02672361. |
| An elevation of privilege vulnerability in the MediaTek bluetooth driver. Product: Android. Versions: Android kernel. Android ID A-36493287. References: M-ALPS03495791. |
| An elevation of privilege vulnerability in the MediaTek performance service. Product: Android. Versions: Android kernel. Android ID A-64316572. References: M-ALPS03479086. |
| An elevation of privilege vulnerability in the MediaTek display driver. Product: Android. Versions: Android kernel. Android ID A-36102397. References: M-ALPS03359280. |
| An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993. |
| An elevation of privilege vulnerability in the kernel file system. Product: Android. Versions: Android kernel. Android ID A-31269937. |
| An elevation of privilege vulnerability in the kernel mtp usb driver. Product: Android. Versions: Android kernel. Android ID A-37429972. |
| An elevation of privilege vulnerability in the kernel binder. Product: Android. Versions: Android kernel. Android ID A-64216036. |
| An elevation of privilege vulnerability in the Broadcom wireless driver. Product: Android. Versions: Android kernel. Android ID A-63930471. References: BC-V2017092501. |
| In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used. |
