CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, Safari 12.1. Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting...

6.1CVSS5.4AI score0.00231EPSS

Exploits0References1

Apple•added 2020/11/12 10:19 a.m.•94 views

About the security content of Safari 13.1.2 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

9.8CVSS0.5AI score0.10562EPSS

Exploits7Affected Software1

OSV•added 2020/10/16 5:15 p.m.•1 views

CVE-2020-9911

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy...

7.5CVSS7.1AI score0.00334EPSS

Exploits0References2

Prion•added 2020/10/16 5:15 p.m.•12 views

Code injection

A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode...

2.1CVSS4.1AI score0.00068EPSS

Exploits0References1Affected Software1

CVE•added 2020/10/16 4:44 p.m.•65 views

CVE-2020-9911

CVE-2020-9911 is a logic issue in Safari Reader mode that could allow a remote attacker to bypass the Same Origin Policy. Apple fixes indicate the issue is addressed in iOS 13.6, iPadOS 13.6, and Safari 13.1.2. The initial description confirms a Same Origin bypass risk in Safari Reader; connected...

7.5CVSS7.2AI score0.00334EPSS

Exploits0References2Affected Software3

Positive Technologies•added 2020/10/16 12:0 a.m.•1 views

PT-2020-20858 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.6 iPadOS versions prior to 13.6 Safari versions prior to 13.1.2 Description: A logic issue was addressed with improved restrictions. The issue may allow a remote attacker to bypass the Same Origin Policy in Safari...

7.5CVSS6.9AI score0.00334EPSS

Exploits0References3

Apple•added 2020/09/16 12:0 a.m.•361 views

About the security content of Safari 14.0

About the security content of Safari 14.0 This document describes the security content of Safari 14.0. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

8.8CVSS8.3AI score0.01995EPSS

Exploits0References1Affected Software1

Apple•added 2020/07/27 8:13 a.m.•45 views

About the security content of watchOS 5.1 - Apple Support

9.3CVSS0.2AI score0.41153EPSS

Exploits11Affected Software1

CNVD•added 2020/07/16 12:0 a.m.•7 views

Apple Safari Reader Component Logic Flaw Vulnerability

Apple Safari is a web browser from Apple Inc. and is the default browser that comes with the Mac OS X and iOS operating systems.Safari Reader is one of the reader components.... A security vulnerability exists in the Safari Reader component in Apple Safari versions prior to 13.1.2, iOS versions...

7.5CVSS6.5AI score0.00334EPSS

Exploits0References1

OSV•added 2019/12/18 6:15 p.m.•0 views

CVE-2019-6204

6.1CVSS5.2AI score

Exploits0References2