Safari Security Vulnerabilities and Issues — Page 4 of Safari CVE List

Lucene search

AppleSafari

188 matches found

CVE•added 2017/04/02 1:59 a.m.•61 views

CVE-2017-2389

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof an HTTP authentication sheet or cause a denial of service via a crafted web site.

8.1CVSS7.3AI score0.00955EPSS

CVE•added 2017/02/20 8:59 a.m.•60 views

CVE-2016-7598

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information from process memor...

6.5CVSS5.9AI score0.00569EPSS

CVE•added 2017/02/20 8:59 a.m.•59 views

CVE-2016-4743

7.1CVSS6.8AI score0.00356EPSS

CVE•added 2017/02/20 8:59 a.m.•59 views

CVE-2016-7578

An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbit...

8.8CVSS8.6AI score0.01005EPSS

CVE•added 2017/05/22 5:29 a.m.•59 views

CVE-2017-2530

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. iCloud before 6.2.1 on Windows is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a ...

8.8CVSS8AI score0.00658EPSS

CVE•added 2017/05/22 5:29 a.m.•59 views

CVE-2017-2536

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and app...

8.8CVSS8AI score0.10876EPSS

CVE•added 2017/05/22 5:29 a.m.•59 views

CVE-2017-2549

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly in...

6.1CVSS5.8AI score0.00429EPSS

CVE•added 2017/07/20 4:29 p.m.•59 views

CVE-2017-7060

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the "Safari Printing" component. It allows remote attackers to cause a denial of service (excessive print dialogs) via a crafted web site.

6.5CVSS6.2AI score0.00582EPSS

CVE•added 2017/05/22 5:29 a.m.•58 views

CVE-2017-2514

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we...

8.8CVSS8AI score0.03557EPSS

CVE•added 2017/05/22 5:29 a.m.•58 views

CVE-2017-2528

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with cached frames.

6.1CVSS5.8AI score0.01328EPSS

CVE•added 2017/02/20 8:59 a.m.•57 views

CVE-2016-4666

An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and appli...

8.8CVSS8.6AI score0.01084EPSS

CVE•added 2017/05/22 5:29 a.m.•56 views

CVE-2017-2515

8.8CVSS8AI score0.04118EPSS

CVE•added 2017/05/22 5:29 a.m.•56 views

CVE-2017-2531

8.8CVSS8AI score0.06379EPSS

CVE•added 2017/05/22 5:29 a.m.•55 views

CVE-2017-2499

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to execute arbitrary unsigned code or cause a denial of service (memory co...

7.8CVSS7.8AI score0.00262EPSS

CVE•added 2017/05/22 5:29 a.m.•55 views

CVE-2017-2525

8.8CVSS8AI score0.00892EPSS

CVE•added 2017/05/22 5:29 a.m.•55 views

CVE-2017-2547

8.8CVSS8AI score0.57418EPSS

CVE•added 2017/02/20 8:59 a.m.•52 views

CVE-2016-7646

8.8CVSS8AI score0.00728EPSS

CVE•added 2017/02/20 8:59 a.m.•52 views

CVE-2017-2359

An issue was discovered in certain Apple products. Safari before 10.0.3 is affected. The issue involves the "Safari" component, which allows remote attackers to spoof the address bar via a crafted web site.

6.5CVSS6.2AI score0.00245EPSS

CVE•added 2017/05/22 5:29 a.m.•52 views

CVE-2017-2544

8.8CVSS8AI score0.00979EPSS

CVE•added 2017/02/20 8:59 a.m.•51 views

CVE-2016-7613

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context via a cr...

9.3CVSS7.1AI score0.00157EPSS

CVE•added 2017/04/02 1:59 a.m.•51 views

CVE-2017-2385

An issue was discovered in certain Apple products. Safari before 10.1 is affected. The issue involves the "Safari Login AutoFill" component. It allows local users to obtain access to locked keychain items via unspecified vectors.

5.5CVSS5.5AI score0.00063EPSS

CVE•added 2017/05/22 5:29 a.m.•51 views

CVE-2017-2526

8.8CVSS8AI score0.00752EPSS

CVE•added 2017/02/20 8:59 a.m.•50 views

CVE-2016-4677

8.8CVSS8.6AI score0.01084EPSS

CVE•added 2017/02/20 8:59 a.m.•50 views

CVE-2016-7611

8.8CVSS8AI score0.00745EPSS

CVE•added 2017/05/22 5:29 a.m.•50 views

CVE-2017-2495

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service (application crash) via a crafted web site that improperly interacts with the histor...

6.5CVSS6.2AI score0.00466EPSS

CVE•added 2017/02/20 8:59 a.m.•49 views

CVE-2016-7640

8.8CVSS8AI score0.00774EPSS

CVE•added 2017/02/20 8:59 a.m.•48 views

CVE-2016-7648

8.8CVSS8AI score0.00728EPSS

CVE•added 2017/11/13 3:29 a.m.•48 views

CVE-2017-13790

An issue was discovered in certain Apple products. Safari before 11.0.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site.

6.5CVSS6.2AI score0.00217EPSS

CVE•added 2017/02/20 8:59 a.m.•47 views

CVE-2016-7642

8.8CVSS8AI score0.00728EPSS

CVE•added 2017/02/20 8:59 a.m.•47 views

CVE-2016-7649

8.8CVSS8AI score0.00728EPSS

CVE•added 2017/02/20 8:59 a.m.•46 views

CVE-2016-7650

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "Safari Reader" component, which allows remote attackers to conduct UXSS attacks via a crafted web site.

4.7CVSS5.1AI score0.00248EPSS

CVE•added 2017/05/22 5:29 a.m.•46 views

CVE-2017-2506

8.8CVSS8AI score0.00853EPSS

CVE•added 2017/12/21 3:29 a.m.•45 views

CVE-2017-17821

WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function (in WTF/wtf/FastBitVector.cpp)...

9.8CVSS9.8AI score0.00677EPSS

CVE•added 2017/11/13 3:29 a.m.•44 views

CVE-2017-13789

6.5CVSS6.2AI score0.00217EPSS

CVE•added 2017/04/03 5:59 a.m.•43 views

CVE-2016-10222

runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion" in the JSON.stringify function...

7.5CVSS7.4AI score0.00464EPSS

CVE•added 2017/05/22 5:29 a.m.•43 views

CVE-2017-2500

An issue was discovered in certain Apple products. Safari before 10.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site.

4.7CVSS5.2AI score0.00217EPSS

CVE•added 2017/05/22 5:29 a.m.•38 views

CVE-2017-2511

6.5CVSS6.2AI score0.00217EPSS

CVE•added 2017/04/03 5:59 a.m.•26 views

CVE-2016-10226

JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to assembler/MacroAssembl...

7.5CVSS7.3AI score0.00464EPSS

Total number of security vulnerabilities188