Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2017
CVE-2017-13818
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-11-13
CVE-2017-13819
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML by bypassing the Same Origin Policy for quarantined HTML documents.
CVSS Score
6.1
EPSS Score
0.004
Published
2017-11-13
CVE-2017-13820
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted font.
CVSS Score
7.1
EPSS Score
0.003
Published
2017-11-13
CVE-2017-13821
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFString" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-11-13
CVE-2017-13822
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-11-13
CVE-2017-13823
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "QuickTime" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-11-13
CVE-2017-13824
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Open Scripting Architecture" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted AppleScript file that is mishandled by osadecompile.
CVSS Score
7.8
EPSS Score
0.005
Published
2017-11-13
CVE-2017-13825
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption) via a crafted font file.
CVSS Score
7.8
EPSS Score
0.005
Published
2017-11-13
CVE-2017-13828
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Fonts" component. It allows remote attackers to spoof the user interface via crafted text.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-11-13
CVE-2017-13829
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-11-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved