Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AppleSafari4.0.1

78 matches found

CVE
CVEadded 2010/09/10 7:0 p.m.160 views

CVE-2010-1807

WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related...

9.3CVSS8.9AI score0.80553EPSS
CVE
CVEadded 2010/06/11 7:30 p.m.73 views

CVE-2010-1419

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a certain window close...

9.3CVSS9.1AI score0.10048EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.69 views

CVE-2010-1395

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constructor objects, related to a "scope management issu...

4.3CVSS7AI score0.01195EPSS
CVE
CVEadded 2010/06/11 7:30 p.m.65 views

CVE-2010-0544

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to a malformed URL.

4.3CVSS5.2AI score0.00763EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.63 views

CVE-2010-1750

Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management.

9.3CVSS7.6AI score0.05719EPSS
CVE
CVEadded 2010/07/30 8:30 p.m.63 views

CVE-2010-1792

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression.

9.3CVSS9.2AI score0.06539EPSS
CVE
CVEadded 2010/03/15 1:28 p.m.62 views

CVE-2010-0046

The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments.

9.3CVSS8.9AI score0.09029EPSS
CVE
CVEadded 2010/07/30 8:30 p.m.62 views

CVE-2010-1783

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory co...

9.3CVSS9.2AI score0.04924EPSS
CVE
CVEadded 2010/07/30 8:30 p.m.62 views

CVE-2010-1784

The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi...

9.3CVSS9.2AI score0.04924EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.61 views

CVE-2010-1401

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vec...

9.3CVSS9AI score0.10956EPSS
CVE
CVEadded 2010/03/15 2:15 p.m.60 views

CVE-2010-0051

WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651.

4.3CVSS7.3AI score0.02404EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.60 views

CVE-2010-1393

The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL.

4.3CVSS8.3AI score0.01392EPSS
CVE
CVEadded 2010/06/11 7:30 p.m.60 views

CVE-2010-2264

The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages ...

4.3CVSS7.4AI score0.00732EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.59 views

CVE-2010-1414

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the removeChild DOM method.

9.3CVSS9.1AI score0.13965EPSS
CVE
CVEadded 2010/07/30 8:30 p.m.59 views

CVE-2010-1782

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to the rendering...

9.3CVSS9.3AI score0.06539EPSS
CVE
CVEadded 2010/03/25 9:0 p.m.58 views

CVE-2010-1119

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database...

10CVSS8.6AI score0.28439EPSS
CVE
CVEadded 2010/03/15 1:28 p.m.57 views

CVE-2010-0040

Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow.

9.3CVSS8.8AI score0.19782EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.57 views

CVE-2010-1390

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to improper UTF-7 canonicalization, and lack of termination of...

4.3CVSS7.1AI score0.01195EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.57 views

CVE-2010-1749

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Cascading Style Sheets (CSS) ru...

9.3CVSS8.6AI score0.12597EPSS
CVE
CVEadded 2010/06/11 7:30 p.m.57 views

CVE-2010-1771

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving fonts.

9.3CVSS8.7AI score0.08537EPSS
CVE
CVEadded 2010/07/30 8:30 p.m.57 views

CVE-2010-1785

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; accesses uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements in an SVG text element, which allows remote atta...

9.3CVSS9.1AI score0.07555EPSS
CVE
CVEadded 2010/07/30 8:30 p.m.57 views

CVE-2010-1786

Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a foreignObject elemen...

9.3CVSS9.1AI score0.06495EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.56 views

CVE-2010-1396

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the contentEditable attribute and r...

9.3CVSS8.6AI score0.07407EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.56 views

CVE-2010-1417

The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via HTML content ...

9.3CVSS8.9AI score0.08544EPSS
CVE
CVEadded 2010/06/11 7:30 p.m.56 views

CVE-2010-1759

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Node.normalize method.

9.3CVSS8.7AI score0.48797EPSS
CVE
CVEadded 2010/03/15 2:15 p.m.55 views

CVE-2010-0052

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements."

9.3CVSS8.6AI score0.08537EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.55 views

CVE-2010-1402

Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to an event listener in an SVG document, ...

9.3CVSS9.1AI score0.10956EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.55 views

CVE-2010-1404

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG document that contains recursive Use elements, ...

9.3CVSS9.2AI score0.12489EPSS
CVE
CVEadded 2010/06/11 7:30 p.m.55 views

CVE-2010-1758

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving DOM Range objects.

9.3CVSS8.7AI score0.13965EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.54 views

CVE-2010-1389

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) paste or (2) drag-and-drop operation for...

4.3CVSS7.1AI score0.01007EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.54 views

CVE-2010-1391

Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors invol...

4.3CVSS8.9AI score0.00565EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.54 views

CVE-2010-1416

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict the reading of a canvas that contains an SVG image pattern from a different web site, which allows remote attackers to read images from other sites via a crafted ...

4.3CVSS7.8AI score0.01397EPSS
CVE
CVEadded 2010/03/15 1:28 p.m.53 views

CVE-2010-0048

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.

9.3CVSS8.6AI score0.04724EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.53 views

CVE-2010-1397

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection re...

9.3CVSS8.7AI score0.12489EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.53 views

CVE-2010-1398

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a craft...

9.3CVSS8.8AI score0.09518EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.53 views

CVE-2010-1409

Incomplete blacklist vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to trigger disclosure of data over IRC via vectors involving an IRC service port.

5.8CVSS8.1AI score0.00883EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.53 views

CVE-2010-1415

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle libxml contexts, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to an "API ...

9.3CVSS9AI score0.34318EPSS
CVE
CVEadded 2010/06/11 7:30 p.m.53 views

CVE-2010-1418

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via a FRAME element with a SRC attribute composed of a javascript: sequence preced...

4.3CVSS6.8AI score0.01199EPSS
CVE
CVEadded 2010/06/11 7:30 p.m.53 views

CVE-2010-1761

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML document subtrees.

9.3CVSS8.6AI score0.08374EPSS
CVE
CVEadded 2010/07/30 8:30 p.m.53 views

CVE-2010-1780

Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to ele...

9.3CVSS9.1AI score0.06495EPSS
CVE
CVEadded 2010/07/30 8:30 p.m.53 views

CVE-2010-1788

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a use element in an SVG document...

9.3CVSS9.3AI score0.06539EPSS
CVE
CVEadded 2010/03/15 2:15 p.m.52 views

CVE-2010-0049

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.

9.3CVSS8.6AI score0.36531EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.52 views

CVE-2010-1410

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an SVG document with nested use elements.

9.3CVSS9.3AI score0.16558EPSS
CVE
CVEadded 2010/06/11 7:30 p.m.52 views

CVE-2010-1774

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory during processing of HTML tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML d...

9.3CVSS8.6AI score0.05917EPSS
CVE
CVEadded 2010/07/30 8:30 p.m.52 views

CVE-2010-1793

Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a (1) font-f...

9.3CVSS9.3AI score0.41148EPSS
CVE
CVEadded 2010/09/10 7:0 p.m.52 views

CVE-2010-1806

Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via run-in styling in an element, related to object pointers.

9.3CVSS7.7AI score0.04936EPSS
CVE
CVEadded 2010/03/15 1:28 p.m.51 views

CVE-2010-0043

ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.

9.3CVSS8.8AI score0.16213EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.51 views

CVE-2010-1388

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6, and before 4.1 on Mac OS X 10.4, does not properly handle clipboard (1) drag and (2) paste operations for URLs, which allows user-assisted remote attackers to read arbitrary files via a crafted HTML document.

4.3CVSS7.7AI score0.0086EPSS
CVE
CVEadded 2010/06/11 6:0 p.m.51 views

CVE-2010-1403

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application cras...

9.3CVSS9AI score0.16559EPSS
CVE
CVEadded 2010/07/30 8:30 p.m.51 views

CVE-2010-1791

Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index.

9.3CVSS9.1AI score0.10309EPSS
Total number of security vulnerabilities78