Safari@7.0.3 Security Vulnerabilities and Issues — Safari@7.0.3 CVE List

Lucene search

AppleSafari7.0.3

86 matches found

CVE•added 2015/05/08 12:59 a.m.•80 views

CVE-2015-1152

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.

6.8CVSS8.8AI score0.01171EPSS

CVE•added 2015/03/18 10:59 p.m.•73 views

CVE-2015-1069

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03...

6.8CVSS8.8AI score0.00872EPSS

CVE•added 2015/03/18 10:59 p.m.•71 views

CVE-2015-1071

6.8CVSS8.8AI score0.00805EPSS

CVE•added 2015/05/08 12:59 a.m.•70 views

CVE-2015-1153

6.8CVSS8.8AI score0.01171EPSS

CVE•added 2015/04/10 2:59 p.m.•67 views

CVE-2015-1120

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabi...

6.8CVSS8.9AI score0.00781EPSS

CVE•added 2014/12/10 9:59 p.m.•66 views

CVE-2014-4466

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-...

7.5CVSS7.8AI score0.01006EPSS

CVE•added 2015/05/08 12:59 a.m.•66 views

CVE-2015-1154

6.8CVSS8.8AI score0.01171EPSS

CVE•added 2015/01/30 11:59 a.m.•65 views

CVE-2014-4477

WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne...

6.8CVSS5.3AI score0.00913EPSS

CVE•added 2015/03/18 10:59 p.m.•65 views

CVE-2015-1077

6.8CVSS8.8AI score0.00913EPSS

CVE•added 2015/01/30 11:59 a.m.•63 views

CVE-2014-4476

6.8CVSS5.3AI score0.00913EPSS

CVE•added 2015/03/18 10:59 p.m.•62 views

CVE-2015-1075

6.8CVSS8.8AI score0.01021EPSS

CVE•added 2015/07/03 1:59 a.m.•61 views

CVE-2015-3658

The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypa...

6.8CVSS7.6AI score0.00273EPSS

CVE•added 2015/01/30 11:59 a.m.•60 views

CVE-2014-4479

6.8CVSS5.3AI score0.00913EPSS

CVE•added 2014/05/22 7:55 p.m.•59 views

CVE-2014-1329

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1.

6.8CVSS7.9AI score0.00944EPSS

CVE•added 2014/05/22 7:55 p.m.•59 views

CVE-2014-1344

6.8CVSS7.9AI score0.0184EPSS

CVE•added 2014/12/10 9:59 p.m.•59 views

CVE-2014-4471

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•59 views

CVE-2015-1074

6.8CVSS7.8AI score0.00787EPSS

CVE•added 2015/03/18 10:59 p.m.•59 views

CVE-2015-1078

6.8CVSS7.8AI score0.00913EPSS

CVE•added 2015/03/18 10:59 p.m.•59 views

CVE-2015-1083

6.8CVSS7.8AI score0.00861EPSS

CVE•added 2015/04/10 2:59 p.m.•59 views

CVE-2015-1127

The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.

2.1CVSS7.3AI score0.00062EPSS

CVE•added 2014/05/22 7:55 p.m.•58 views

CVE-2014-1326

6.8CVSS7.9AI score0.01344EPSS

CVE•added 2014/12/10 9:59 p.m.•58 views

CVE-2014-4468

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•58 views

CVE-2015-1076

6.8CVSS8.8AI score0.00805EPSS

CVE•added 2015/05/08 12:59 a.m.•58 views

CVE-2015-1155

The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.

4.3CVSS7.7AI score0.5513EPSS

CVE•added 2015/03/18 10:59 p.m.•56 views

CVE-2015-1079

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/07/03 1:59 a.m.•56 views

CVE-2015-3659

The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause...

6.8CVSS8.8AI score0.01109EPSS

CVE•added 2014/08/14 11:15 a.m.•55 views

CVE-2014-1386

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

6.8CVSS7.9AI score0.0086EPSS

CVE•added 2014/08/14 11:15 a.m.•55 views

CVE-2014-1389

6.8CVSS7.9AI score0.01645EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-4470

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-4474

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-4475

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•55 views

CVE-2015-1082

6.8CVSS8.8AI score0.00913EPSS

CVE•added 2015/04/10 2:59 p.m.•55 views

CVE-2015-1121

6.8CVSS8.9AI score0.00843EPSS

CVE•added 2014/05/22 7:55 p.m.•54 views

CVE-2014-1327

6.8CVSS7.9AI score0.01655EPSS

CVE•added 2014/05/22 7:55 p.m.•54 views

CVE-2014-1338

6.8CVSS7.9AI score0.01344EPSS

CVE•added 2015/03/18 10:59 p.m.•54 views

CVE-2015-1081

6.8CVSS8.8AI score0.00861EPSS

CVE•added 2015/04/10 2:59 p.m.•54 views

CVE-2015-1119

6.8CVSS8.9AI score0.00913EPSS

CVE•added 2015/04/10 2:59 p.m.•54 views

CVE-2015-1122

6.8CVSS8.9AI score0.00836EPSS

CVE•added 2015/07/03 2:0 a.m.•54 views

CVE-2015-3727

WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.

6.8CVSS7.6AI score0.00942EPSS

CVE•added 2014/08/14 11:15 a.m.•53 views

CVE-2014-1384

6.8CVSS7.9AI score0.01645EPSS

CVE•added 2014/08/14 11:15 a.m.•53 views

CVE-2014-1388

6.8CVSS7.9AI score0.01645EPSS

CVE•added 2014/12/10 9:59 p.m.•53 views

CVE-2014-4473

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•53 views

CVE-2015-1070

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2014/05/22 7:55 p.m.•52 views

CVE-2014-1346

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a postMessage origin, and bypass intended restrictions on sending a message to a connected frame or window, via crafted characters in a URL.

5CVSS6.2AI score0.00615EPSS

CVE•added 2014/07/01 10:17 a.m.•52 views

CVE-2014-1363

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other...

6.8CVSS7.8AI score0.01171EPSS

CVE•added 2014/12/10 9:59 p.m.•52 views

CVE-2014-4469

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•52 views

CVE-2015-1072

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2015/04/10 2:59 p.m.•52 views

CVE-2015-1124

6.8CVSS8.9AI score0.00913EPSS

CVE•added 2014/05/22 7:55 p.m.•51 views

CVE-2014-1330

6.8CVSS7.9AI score0.01344EPSS

CVE•added 2014/07/01 10:17 a.m.•51 views

CVE-2014-1340

WebKit, as used in Apple Safari before 6.1.5 and 7.x before 7.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1.

6.8CVSS7.9AI score0.01057EPSS

Total number of security vulnerabilities86