Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:21 a.m.9 views

CVE-2024-44155

A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, watchOS 11. Maliciously crafted web content may violate iframe sandboxing policy...

6.5CVSS5.8AI score0.00517EPSS
Exploits0References1
NVD
NVD
added 2025/03/31 11:15 p.m.15 views

CVE-2025-24180

The issue was addressed with improved input validation. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix...

8.1CVSS0.00961EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2025/03/21 2:52 a.m.5 views

SUSE CVE-2024-44192

The issue was addressed with improved checks. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS6.8AI score0.00409EPSS
Exploits0References13
OSV
OSV
added 2025/03/10 7:15 p.m.3 views

DEBIAN-CVE-2024-44192

The issue was addressed with improved checks. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. Processing maliciously crafted web content may lead to an unexpected process crash...

5.5CVSS6.5AI score0.00409EPSS
Exploits0References1
NVD
NVD
added 2024/12/12 2:15 a.m.12 views

CVE-2024-54479

The issue was addressed with improved checks. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash...

7.5CVSS0.01595EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2024/10/28 9:8 p.m.12 views

CVE-2024-44155

A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, watchOS 11, iOS 18 and iPadOS 18. Maliciously crafted web content may violate iframe sandboxing policy...

5.8AI score0.00517EPSS
Exploits0References5
CVE
CVE
added 2024/10/28 9:8 p.m.67 views

CVE-2024-44155

CVE-2024-44155 affects Apple Safari and related OS components via a custom URL scheme handling issue. The root cause is improved input validation, addressing a vulnerability that could allow malicious web content to violate the iframe sandboxing policy. Public details indicate the fix is applied ...

6.5CVSS5.8AI score0.00517EPSS
Exploits0References6Affected Software5
NVD
NVD
added 2024/09/17 12:15 a.m.23 views

CVE-2024-44187

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. A malicious website may exfiltrate data cross-origin...

6.5CVSS0.00638EPSS
Exploits0References11
OSV
OSV
added 2024/09/17 12:15 a.m.22 views

CVE-2024-44187

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin...

6.5CVSS5.8AI score
Exploits0References11
NVD
NVD
added 2024/09/17 12:15 a.m.22 views

CVE-2024-40866

The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing...

6.5CVSS0.00915EPSS
Exploits0References5
OSV
OSV
added 2024/09/17 12:15 a.m.23 views

CVE-2024-40866

The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing...

6.5CVSS5.7AI score
Exploits0References5
Cvelist
Cvelist
added 2024/09/16 11:23 p.m.24 views

CVE-2024-44187

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. A malicious website may exfiltrate data cross-origin...

0.00638EPSS
Exploits0References6
CVE
CVE
added 2024/09/16 11:23 p.m.146 views

CVE-2024-44187

Summary of CVE-2024-44187 (Cross-origin iframe data exfiltration) A cross-origin issue existed involving iframe elements in WebKitGTK/WebKit2GTK, allowing a malicious site to exfiltrate data across origins. The root cause is stated as inadequate tracking of security origins for iframes. Affected ...

6.5CVSS6.9AI score0.00638EPSS
Exploits0References11Affected Software7
Debian CVE
Debian CVE
added 2024/09/16 11:23 p.m.19 views

CVE-2024-44187

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. A malicious website may exfiltrate data cross-origin...

6.5CVSS7AI score0.00638EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/09/16 11:22 p.m.23 views

CVE-2024-40857

This issue was addressed through improved state management. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to universal cross site scripting...

5.5AI score0.00542EPSS
Exploits0References6
CVE
CVE
added 2024/09/16 11:22 p.m.67 views

CVE-2024-40857

CVE-2024-40857 affects Apple platforms using WebKit: a web content processing flaw that could lead to universal cross-site scripting. The issue was addressed through improved state management and is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18, iPadOS 18, and tvOS 18 per t...

6.1CVSS6AI score0.00542EPSS
Exploits0References10Affected Software7
Cvelist
Cvelist
added 2024/09/16 11:22 p.m.19 views

CVE-2024-40857

This issue was addressed through improved state management. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. Processing maliciously crafted web content may lead to universal cross site scripting...

0.00542EPSS
Exploits0References6
CVE
CVE
added 2024/09/16 11:22 p.m.114 views

CVE-2024-40866

CVE-2024-40866 affects WebKitGTK/WebKit2GTK. Visiting a malicious website may lead to address bar spoofing. Public advisories confirm fixes via package updates across distros: Debian (2.46.0-2~deb12u1 for bookworm; newer LTS entries exist), AlmaLinux 8/9 webkit2gtk3 advisories, Fedora package-ann...

6.5CVSS6.1AI score0.00915EPSS
Exploits0References5Affected Software2
Vulnrichment
Vulnrichment
added 2024/09/16 11:22 p.m.22 views

CVE-2024-40866

The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing...

5.9AI score0.00915EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/16 11:22 p.m.21 views

CVE-2024-40866

The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing...

0.00915EPSS
Exploits0References2
Rows per page
Query Builder