Lucene search
K

79 matches found

Tenable Nessus
Tenable Nessus
added 2017/01/26 12:0 a.m.38 views

macOS : Apple Safari < 10.0.3 Multiple Vulnerabilities

The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 10.0.3. It is, therefore, affected by multiple vulnerabilities : - A prototype access flaw exists in WebKit when handling exceptions. An unauthenticated, remote attacker can exploit this, via specially crafted...

8.8CVSS7.8AI score0.07043EPSS
Exploits19References14
seebug.org
seebug.org
added 2016/10/11 12:0 a.m.53 views

Chrome Address Bar URL Spoofing on IOS

来源链接: http://xlab.tencent.com/cn/2016/10/11/CVE-2016-1707-Chrome-Address-Bar-URL-Spoofing-on-IOS/ (英文版)http://xisigr.com/x/cve-2016-1707/ 0x00 Vulnerability Overview Chrome浏览器地址栏欺骗漏洞CVE-2016-1707,这个漏洞笔者于2016年6月报告给Google,现在把漏洞细节分享给大家。URL Spoofing漏洞可以伪造一个合法的网站地址。攻击者可以利用这个漏洞对用户发起网络钓鱼攻击。 受影响版本:Chrome...

4.3CVSS7.8AI score0.01178EPSS
Exploits1
CNVD
CNVD
added 2016/07/28 12:0 a.m.4 views

Memory Corruption Vulnerability in Multiple Apple Products (CNVD-2016-05667)

Apple iOS, Safari, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. safari is a web browser that is the default browser that comes with Mac OS X and iOS operating systems. tvOS is an operating system for smart TVs. webKit Page Loading is a WebKit...

8.8CVSS7.5AI score0.01907EPSS
Exploits0References1
CNVD
CNVD
added 2016/07/28 12:0 a.m.4 views

Cross-Site Scripting Vulnerability in Multiple Apple Products

Apple iOS, Safari, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. safari is a web browser that is the default browser that comes with Mac OS X and iOS operating systems. tvOS is an operating system for smart TVs. webKit Page Loading is a WebKit...

6.1CVSS5.5AI score0.01917EPSS
Exploits1References1
OSV
OSV
added 2016/07/22 2:59 a.m.4 views

UBUNTU-CVE-2016-4584

The WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site...

8.8CVSS7.7AI score0.01907EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2016/07/21 12:0 a.m.21 views

CVE-2016-4585

Cross-site scripting XSS vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari...

6.1CVSS7AI score0.01917EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2016/07/21 12:0 a.m.96 views

Apple TV < 9.2.2 Multiple Vulnerabilities

According to its banner, the version of the remote Apple TV device is prior to 9.2.2. It is, therefore, affected by multiple vulnerabilities in the following components : - CoreGraphics - ImageIO - IOAcceleratorFamily - IOHIDFamily - Kernel - libxml2 - libxslt - Sandbox Profiles - WebKit - WebKit...

10CVSS7AI score0.18843EPSS
Exploits12References42
OSV
OSV
added 2016/07/21 12:0 a.m.3 views

UBUNTU-CVE-2016-4585

Cross-site scripting XSS vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari...

6.1CVSS7AI score0.01917EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2016/07/19 12:0 a.m.51 views

Mac OS X : Apple Safari < 9.1.2 Multiple Vulnerabilities

The version of Apple Safari installed on the remote Mac OS X host is prior to 9.1.2. It is, therefore, affected by multiple vulnerabilities, the most serious of which can result in remote code execution, in the following components : - WebKit - WebKit JavaScript Bindings - WebKit Page Loading C...

8.8CVSS6.8AI score0.18843EPSS
Exploits5References14
BDU FSTEC
BDU FSTEC
added 2016/04/06 12:0 a.m.6 views

The vulnerability of Safari browser and iOS operating system allows attackers to obtain confidential information or circumvent existing access control policies.

The vulnerability of the Page Loading component implemented in WebKit of the Safari browser and the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to circumvent existing access restrictions or obtain confidenti...

4.3CVSS6.7AI score0.01544EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/04/06 12:0 a.m.10 views

The vulnerability of the iOS operating system and the Safari browser allows a hacker to replace the displayed URL address, circumvent existing access restrictions, and obtain confidential information.

The vulnerability of the Page Loading component implemented in WebKit of the iOS operating system and the Safari browser is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to replace the displayed URL address, circumvent existing access...

5.8CVSS6.6AI score0.01171EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2016/03/24 1:59 a.m.2 views

CVE-2016-1786

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx aka redirection status code, which allows remote attackers to spoof the displayed URL, bypass the Same Origin Policy, and obtain sensitive cached information via a crafted...

5.4CVSS7.4AI score0.01171EPSS
Exploits0References6
NVD
NVD
added 2016/03/24 1:59 a.m.15 views

CVE-2016-1786

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx aka redirection status code, which allows remote attackers to spoof the displayed URL, bypass the Same Origin Policy, and obtain sensitive cached information via a crafted...

5.8CVSS4.5AI score0.01171EPSS
Exploits0References6
NVD
NVD
added 2016/03/24 1:59 a.m.12 views

CVE-2016-1785

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site...

6.5CVSS5.4AI score0.01544EPSS
Exploits0References6
Prion
Prion
added 2016/03/24 1:59 a.m.15 views

Design/Logic Flaw

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site...

4.3CVSS5.7AI score0.01544EPSS
Exploits0References6Affected Software2
UbuntuCve
UbuntuCve
added 2016/03/24 1:59 a.m.18 views

CVE-2016-1785

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site...

6.5CVSS7AI score0.01544EPSS
Exploits0References6
OSV
OSV
added 2016/03/24 1:59 a.m.2 views

UBUNTU-CVE-2016-1786

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx aka redirection status code, which allows remote attackers to spoof the displayed URL, bypass the Same Origin Policy, and obtain sensitive cached information via a crafted...

5.4CVSS6.8AI score0.01171EPSS
Exploits0References7
OSV
OSV
added 2016/03/24 1:59 a.m.4 views

UBUNTU-CVE-2016-1785

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site...

6.5CVSS5.8AI score0.01544EPSS
Exploits0References7
Prion
Prion
added 2016/03/24 1:59 a.m.17 views

Design/Logic Flaw

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx aka redirection status code, which allows remote attackers to spoof the displayed URL, bypass the Same Origin Policy, and obtain sensitive cached information via a crafted...

5.8CVSS5.7AI score0.01171EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2016/03/24 1:0 a.m.20 views

CVE-2016-1785

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site...

5.8AI score0.01544EPSS
Exploits0References6
Rows per page
Query Builder