Lucene search
K

16 matches found

seebug.org
seebug.org
added 2017/05/26 12:0 a.m.39 views

WebKit: UXSS via Editor::Command::execute(CVE-2017-2504)

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS UXSS attacks via a crafted web site that improperly...

4.3CVSS6.7AI score0.03347EPSS
Exploits4
CNVD
CNVD
added 2017/05/24 12:0 a.m.3 views

Apple iOS and Safari WebKit Memory Corruption Vulnerability (CNVD-2017-07607)

Apple iOS and Safari are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser that comes with Mac OS X and iOS operating systems; WebKit is an open-source web browser engine developed by KDE, Apple, Google,...

8.8CVSS7.7AI score0.01464EPSS
Exploits0References1
NVD
NVD
added 2017/05/22 5:29 a.m.16 views

CVE-2017-2528

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS UXSS attacks via a crafted web site that improperly interacts with cached frames...

6.1CVSS5.1AI score0.02025EPSS
Exploits3References6
Prion
Prion
added 2017/05/22 5:29 a.m.19 views

Command injection

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS UXSS attacks via a crafted web site that improperly...

4.3CVSS5.1AI score0.03347EPSS
Exploits4References7Affected Software3
Prion
Prion
added 2017/05/22 5:29 a.m.18 views

Code injection

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service application crash via a crafted web site that improperly interacts with the histor...

4.3CVSS5.5AI score0.00884EPSS
Exploits0References4Affected Software2
Prion
Prion
added 2017/05/22 5:29 a.m.16 views

Memory corruption

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted we...

6.8CVSS8.6AI score0.01508EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2017/05/22 5:29 a.m.28 views

CVE-2017-2521

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial o...

8.8CVSS7.6AI score0.05903EPSS
Exploits4References6
UbuntuCve
UbuntuCve
added 2017/05/22 5:29 a.m.24 views

CVE-2017-2547

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted we...

8.8CVSS7.6AI score0.14349EPSS
Exploits3References4
OSV
OSV
added 2017/05/22 5:29 a.m.3 views

UBUNTU-CVE-2017-2528

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS UXSS attacks via a crafted web site that improperly interacts with cached frames...

6.1CVSS7.2AI score0.02025EPSS
Exploits3References5
UbuntuCve
UbuntuCve
added 2017/05/22 5:29 a.m.23 views

CVE-2017-2506

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted we...

8.8CVSS7.6AI score0.01464EPSS
Exploits0References4
OSV
OSV
added 2017/05/22 5:29 a.m.1 views

CVE-2017-2500

An issue was discovered in certain Apple products. Safari before 10.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site...

4.7CVSS7.3AI score0.00694EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2017/05/22 5:29 a.m.28 views

CVE-2017-2514

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted we...

8.8CVSS7.6AI score0.06067EPSS
Exploits3References4
Debian CVE
Debian CVE
added 2017/05/22 4:54 a.m.29 views

CVE-2017-2544

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted we...

8.8CVSS8.8AI score0.01508EPSS
Exploits0
seebug.org
seebug.org
added 2017/05/22 12:0 a.m.23 views

Address bar spoofing on macOS Safari(CVE-2017-2500)

version: Safari function spoof document.write"Apple loginPlease input your Apple ID!!!But this is not apple.com!"; window.location.assign"http://www.apple.com:1234"; //or you can use the following JS code: //window.location.assign"http://access.apple.com"; setIntervalspoof,2000; setTimeoutfunctio...

4.3CVSS6.7AI score0.00694EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2017/05/22 12:0 a.m.24 views

CVE-2017-2510

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS UXSS attacks via a crafted web site that improperly interacts with pageshow events...

6.1CVSS6.9AI score0.03918EPSS
Exploits3References6
Apple
Apple
added 2017/05/15 12:0 a.m.42 views

About the security content of Safari 10.1.1

About the security content of Safari 10.1.1 This document describes the security content of Safari 10.1.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

8.8CVSS8.6AI score0.14349EPSS
Exploits42References1Affected Software1
Rows per page
Query Builder