Apple expands “DarkSword” patches to iOS 18.7.7

Apple widened its latest iOS 18 security update to cover far more iPhones and iPads, specifically to stop real‑world DarkSword attacks that can compromise a device from a single website visit. After researchers published their findings about the DarkSword attacks and an exploit kit abusing the...

Exploit for Use After Free in Apple Safari

CVE-2025-43529 TL; DR Apple recently shipped iOS 26.2 and...

Google's AI 'Big Sleep' Finds 5 New Vulnerabilities in Apple's Safari WebKit

Google's artificial intelligence AI-powered cybersecurity agent called Big Sleep has been credited by Apple for discovering as many as five different security flaws in the WebKit component used in its Safari web browser that, if successfully exploited, could result in a browser crash or memory...

EUVD-2017-5385

Malware in sbrugna...

EUVD-2005-2523

Malware in sbrugna...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Safari

This is an optimization error in the way RegEx matching is handled, leading to an exploit for the latest version of Safari as of Dec. 6 2018. The exploit is for CVE-2018-4233, which was patched in the current WebKit release. The vulnerability is in the WebKit engine and allows for remote code...

Linux Distros Unpatched Vulnerability : CVE-2013-1013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly rewrite URLs, which allows remote attackers to trigger unintended form submissions via...

Linux Distros Unpatched Vulnerability : CVE-2017-2378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves bookmark creation in the WebK...

Linux Distros Unpatched Vulnerability : CVE-2015-1079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of...

Linux Distros Unpatched Vulnerability : CVE-2011-0167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary loc...

Linux Distros Unpatched Vulnerability : CVE-2017-7161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. Safari before 11.0.2 is affected. The issue involves the WebKit Web Inspector component. It allows remote...

Linux Distros Unpatched Vulnerability : CVE-2015-7096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service memory...

Linux Distros Unpatched Vulnerability : CVE-2017-2547

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the WebKit component. It...

The vulnerability in the isolated environment of the Web Content module of the Web pages displayed by the Safari browser and the visionOS, iOS, iPadOS, macOS operating systems allows a hacker to execute arbitrary code.

The vulnerability of the isolated Web Content module in the WebKit browser of Safari and the operating systems VisionOS, iOS, iPadOS, and macOS lies in the ability to write code outside of the allocated memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by...

The vulnerability of the Web page rendering module in the Safari browser of the WebKit framework in operating systems macOS, iOS, iPadOS, visionOS, tvOS, and watchOS allows a hacker to trigger a service failure.

The vulnerability of the Web page rendering module in Safari browsers of macOS, iOS, iPadOS, VisionOS, tvOS, and WatchOS operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

VulnCheck KEV: CVE-2023-42917

Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products...

The vulnerability of the web page rendering modules in Safari’s WebKit browser for iOS, watchOS, tvOS, iPadOS operating systems allows attackers to execute arbitrary code.

The vulnerability of the Web page rendering modules in WebKit of Safari browsers for iOS, watchOS, tvOS, and iPadOS lies in the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Web page rendering module in Safari web browsers, as well as in operating systems such as watchOS, tvOS, iPadOS, iOS, macOS, allows attackers to execute XSS attacks.

The vulnerability of the Web page rendering module in Safari browsers running WebKit, as well as in operating systems such as watchOS, tvOS, iPadOS, iOS, and macOS, is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious act...

VulnCheck KEV: CVE-2023-32409

Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple...

VulnCheck KEV: CVE-2023-32373

Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple...