The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
Base Score: 4.3
Impact Score: 2.9
Exploitability Score: 8.6
Base Score: 6.5
Impact Score: 3.6
Exploitability Score: 2.8
|700554||Apple iOS < 12.1 Multiple Vulnerabilities||Nessus Network Monitor||Mobile Devices|
|700506||Apple Safari < 12.0.1 Multiple Vulnerabilities||Nessus Network Monitor||Web Clients|
|118718||Apple iTunes < 12.9.1 Multiple Vulnerabilities (credentialed check)||Nessus||Windows|
|118717||Apple iTunes < 12.9.1 Multiple Vulnerabilities (uncredentialed check)||Nessus||Peer-To-Peer File Sharing|
|118712||Apple TV < 12.1 Multiple Vulnerabilities||Nessus||Misc.|
|118571||macOS : Apple Safari < 12.0.1 Multiple Vulnerabilities||Nessus||MacOS X Local Security Checks|
|118569||Apple iOS < 12.1 Multiple Vulnerabilities||Nessus||Mobile Devices|