Apple expands “DarkSword” patches to iOS 18.7.7

Apple widened its latest iOS 18 security update to cover far more iPhones and iPads, specifically to stop real‑world DarkSword attacks that can compromise a device from a single website visit. After researchers published their findings about the DarkSword attacks and an exploit kit abusing the...

Exploit for Use After Free in Apple Safari

CVE-2025-43529 TL; DR Apple recently shipped iOS 26.2 and...

Google's AI 'Big Sleep' Finds 5 New Vulnerabilities in Apple's Safari WebKit

Google's artificial intelligence AI-powered cybersecurity agent called Big Sleep has been credited by Apple for discovering as many as five different security flaws in the WebKit component used in its Safari web browser that, if successfully exploited, could result in a browser crash or memory...

EUVD-2017-5385

Malware in sbrugna...

EUVD-2005-2523

Malware in sbrugna...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Safari

This is an optimization error in the way RegEx matching is handled, leading to an exploit for the latest version of Safari as of Dec. 6 2018. The exploit is for CVE-2018-4233, which was patched in the current WebKit release. The vulnerability is in the WebKit engine and allows for remote code...

Linux Distros Unpatched Vulnerability : CVE-2011-0167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary loc...

Linux Distros Unpatched Vulnerability : CVE-2015-1079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of...

Linux Distros Unpatched Vulnerability : CVE-2013-1013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly rewrite URLs, which allows remote attackers to trigger unintended form submissions via...

Linux Distros Unpatched Vulnerability : CVE-2017-2378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves bookmark creation in the WebK...

Linux Distros Unpatched Vulnerability : CVE-2015-7096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service memory...

Linux Distros Unpatched Vulnerability : CVE-2017-7161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. Safari before 11.0.2 is affected. The issue involves the WebKit Web Inspector component. It allows remote...

Linux Distros Unpatched Vulnerability : CVE-2017-2547

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the WebKit component. It...

VulnCheck KEV: CVE-2023-42917

Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products...

VulnCheck KEV: CVE-2023-32409

Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple...

VulnCheck KEV: CVE-2023-32373

Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple...

SUSE CVE-2009-1712

WebKit in Apple Safari before 4.0 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element...

SUSE CVE-2010-2264

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages...

SUSE CVE-2011-1774

WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. NOTE: this may overlap CVE-2011-1425...

SUSE CVE-2015-1082

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than other CVEs listed in...