U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Category (CWE): CWE-20 Improper Input Validation
There are 9,282 matching records.
Displaying matches 2,941 through 2,960.
Vuln ID Summary CVSS Severity
CVE-2018-4397

Analytics data was sent using HTTP rather than HTTPS. This was addressed by sending analytics data using HTTPS. This issue affected versions prior to Apple Support 2.4 for iOS.

Published: April 03, 2019; 2:29:13 PM -0400 		V4.0:(not available)
 V3.0: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2018-4396

A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.

Published: April 03, 2019; 2:29:12 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-4395

This issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.

Published: April 03, 2019; 2:29:12 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2018-4389

An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to macOS Mojave 10.14.1.

Published: April 03, 2019; 2:29:12 PM -0400 		V4.0:(not available)
 V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-4385

A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.

Published: April 03, 2019; 2:29:12 PM -0400 		V4.0:(not available)
 V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-4369

A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

Published: April 03, 2019; 2:29:10 PM -0400 		V4.0:(not available)
 V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2018-4368

A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.

Published: April 03, 2019; 2:29:10 PM -0400 		V4.0:(not available)
 V3.0: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2018-4363

An input validation issue existed in the kernel. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5.

Published: April 03, 2019; 2:29:10 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 7.1 HIGH
CVE-2018-4362

An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2, iOS 12.

Published: April 03, 2019; 2:29:10 PM -0400 		V4.0:(not available)
 V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-4353

A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14.

Published: April 03, 2019; 2:29:09 PM -0400 		V4.0:(not available)
 V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-4348

A validation issue was addressed with improved logic. This issue affected versions prior to macOS Mojave 10.14.

Published: April 03, 2019; 2:29:09 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2018-4346

A validation issue existed which allowed local file access. This was addressed with input sanitization. This issue affected versions prior to macOS Mojave 10.14.

Published: April 03, 2019; 2:29:09 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-4342

A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14.1.

Published: April 03, 2019; 2:29:09 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2018-4338

A validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.

Published: April 03, 2019; 2:29:08 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-4335

A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12.

Published: April 03, 2019; 2:29:08 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-4333

A validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12, macOS Mojave 10.14.

Published: April 03, 2019; 2:29:08 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-4322

This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.

Published: April 03, 2019; 2:29:07 PM -0400 		V4.0:(not available)
 V3.0: 3.3 LOW
V2.0: 2.1 LOW
CVE-2018-4321

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12.

Published: April 03, 2019; 2:29:07 PM -0400 		V4.0:(not available)
 V3.0: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2018-4313

A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5.

Published: April 03, 2019; 2:29:06 PM -0400 		V4.0:(not available)
 V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2018-4307

A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12.

Published: April 03, 2019; 2:29:06 PM -0400 		V4.0:(not available)
 V3.0: 4.3 MEDIUM
V2.0: 4.3 MEDIUM