CVE-2026-28946

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash...

BIT-JAVA-2026-20652

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker may be able to cause a denial-of-service...

Astra Linux - уязвимость в webkit2gtk

A memory corruption issue has been resolved through improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2, and iPadOS 16.2, as well as watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux - уязвимость в webkit2gtk

The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that th...

CVE-2026-20691

A flaw was found in WebKitGTK. A maliciously crafted web page can cause an authorization issue due to improper state management and may be able to fingerprint the user. Mitigation Do not visit untrusted web pages or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the...

EUVD-2026-15129

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash...

EUVD-2026-15149

A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack...

DEBIAN-CVE-2026-20691

An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted webpage may be able to fingerprint the user...

CVE-2026-28871

CVE-2026-28871 is a logic issue that can enable cross-site scripting when visiting a malicious website. The vulnerability is fixed in Apple platforms: Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, and macOS Tahoe 26.4. Related Nessus/OpenVAS entries confirm affected WebKit/...

CVE-2026-20656

A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. An app may be able to access a user's Safari history...

CVE-2018-4438

A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9...

CVE-2018-4195

An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 12...

CVE-2018-4362

An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2, iOS 12...

CVE-2018-4445

"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2...

CVE-2025-43501

CVE-2025-43501 affects WebKitGTK/WebKitGTK4. The connected advisories document a buffer overflow in processing malicious web content that can lead to an unexpected process crash in affected GTK-based WebKit runtimes. The issue is fixed in WebKitGTK/WebKitGTK4 by version 2.50.4 (and related packag...

Apple多款产品 安全漏洞

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablet computers. A security vulnerability exists in multiple Appl...

PT-2025-51892

Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to 26.2 iOS versions prior to 18.7.3 iPadOS versions prior to 18.7.3 macOS Tahoe versions prior to 26.2 visionOS versions prior to 26.2 WebKitGTK affected versions not specified webkit2gtk in Debian Linux affected...

SUSE CVE-2025-43425

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

SUSE CVE-2025-43432

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-43430

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper state management. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4:...