Safari@7.0.5 Security Vulnerabilities and Issues — Safari@7.0.5 CVE List

Lucene search

AppleSafari7.0.5

55 matches found

CVE•added 2015/05/08 12:59 a.m.•80 views

CVE-2015-1152

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1153 and CVE-2015-1154.

6.8CVSS8.8AI score0.01171EPSS

CVE•added 2015/03/18 10:59 p.m.•73 views

CVE-2015-1069

WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03...

6.8CVSS8.8AI score0.00872EPSS

CVE•added 2015/03/18 10:59 p.m.•71 views

CVE-2015-1071

6.8CVSS8.8AI score0.00805EPSS

CVE•added 2015/05/08 12:59 a.m.•70 views

CVE-2015-1153

6.8CVSS8.8AI score0.01171EPSS

CVE•added 2015/04/10 2:59 p.m.•67 views

CVE-2015-1120

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerabi...

6.8CVSS8.9AI score0.00781EPSS

CVE•added 2014/12/10 9:59 p.m.•66 views

CVE-2014-4466

WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-...

7.5CVSS7.8AI score0.01006EPSS

CVE•added 2015/05/08 12:59 a.m.•66 views

CVE-2015-1154

6.8CVSS8.8AI score0.01171EPSS

CVE•added 2015/01/30 11:59 a.m.•65 views

CVE-2014-4477

WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne...

6.8CVSS5.3AI score0.00913EPSS

CVE•added 2015/03/18 10:59 p.m.•65 views

CVE-2015-1077

6.8CVSS8.8AI score0.00913EPSS

CVE•added 2015/01/30 11:59 a.m.•63 views

CVE-2014-4476

6.8CVSS5.3AI score0.00913EPSS

CVE•added 2015/03/18 10:59 p.m.•62 views

CVE-2015-1075

6.8CVSS8.8AI score0.01021EPSS

CVE•added 2015/07/03 1:59 a.m.•61 views

CVE-2015-3658

The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypa...

6.8CVSS7.6AI score0.00273EPSS

CVE•added 2015/01/30 11:59 a.m.•60 views

CVE-2014-4479

6.8CVSS5.3AI score0.00913EPSS

CVE•added 2014/12/10 9:59 p.m.•59 views

CVE-2014-4471

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•59 views

CVE-2015-1074

6.8CVSS7.8AI score0.00787EPSS

CVE•added 2015/03/18 10:59 p.m.•59 views

CVE-2015-1078

6.8CVSS7.8AI score0.00913EPSS

CVE•added 2015/03/18 10:59 p.m.•59 views

CVE-2015-1083

6.8CVSS7.8AI score0.00861EPSS

CVE•added 2015/04/10 2:59 p.m.•59 views

CVE-2015-1127

The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.

2.1CVSS7.3AI score0.00062EPSS

CVE•added 2014/12/10 9:59 p.m.•58 views

CVE-2014-4468

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•58 views

CVE-2015-1076

6.8CVSS8.8AI score0.00805EPSS

CVE•added 2015/05/08 12:59 a.m.•58 views

CVE-2015-1155

The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.

4.3CVSS7.7AI score0.5513EPSS

CVE•added 2015/03/18 10:59 p.m.•56 views

CVE-2015-1079

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/07/03 1:59 a.m.•56 views

CVE-2015-3659

The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause...

6.8CVSS8.8AI score0.01109EPSS

CVE•added 2014/08/14 11:15 a.m.•55 views

CVE-2014-1386

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

6.8CVSS7.9AI score0.0086EPSS

CVE•added 2014/08/14 11:15 a.m.•55 views

CVE-2014-1389

6.8CVSS7.9AI score0.01645EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-4470

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-4474

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2014/12/10 9:59 p.m.•55 views

CVE-2014-4475

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•55 views

CVE-2015-1082

6.8CVSS8.8AI score0.00913EPSS

CVE•added 2015/04/10 2:59 p.m.•55 views

CVE-2015-1121

6.8CVSS8.9AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•54 views

CVE-2015-1081

6.8CVSS8.8AI score0.00861EPSS

CVE•added 2015/04/10 2:59 p.m.•54 views

CVE-2015-1119

6.8CVSS8.9AI score0.00913EPSS

CVE•added 2015/04/10 2:59 p.m.•54 views

CVE-2015-1122

6.8CVSS8.9AI score0.00836EPSS

CVE•added 2015/07/03 2:0 a.m.•54 views

CVE-2015-3727

WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.

6.8CVSS7.6AI score0.00942EPSS

CVE•added 2014/08/14 11:15 a.m.•53 views

CVE-2014-1384

6.8CVSS7.9AI score0.01645EPSS

CVE•added 2014/08/14 11:15 a.m.•53 views

CVE-2014-1388

6.8CVSS7.9AI score0.01645EPSS

CVE•added 2014/12/10 9:59 p.m.•53 views

CVE-2014-4473

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•53 views

CVE-2015-1070

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2014/12/10 9:59 p.m.•52 views

CVE-2014-4469

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•52 views

CVE-2015-1072

6.8CVSS8.8AI score0.00787EPSS

CVE•added 2015/04/10 2:59 p.m.•52 views

CVE-2015-1124

6.8CVSS8.9AI score0.00913EPSS

CVE•added 2014/08/14 11:15 a.m.•51 views

CVE-2014-1385

6.8CVSS7.9AI score0.01645EPSS

CVE•added 2014/08/14 11:15 a.m.•51 views

CVE-2014-1387

6.8CVSS7.9AI score0.01645EPSS

CVE•added 2014/08/14 11:15 a.m.•51 views

CVE-2014-1390

6.8CVSS7.9AI score0.0086EPSS

CVE•added 2014/12/10 9:59 p.m.•51 views

CVE-2014-4472

6.8CVSS7.8AI score0.00843EPSS

CVE•added 2015/03/18 10:59 p.m.•51 views

CVE-2015-1080

6.8CVSS7.8AI score0.00913EPSS

CVE•added 2015/05/08 12:59 a.m.•50 views

CVE-2015-1156

The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, via ...

4.3CVSS7.7AI score0.00627EPSS

CVE•added 2015/03/18 10:59 p.m.•49 views

CVE-2015-1068

6.8CVSS8.8AI score0.00853EPSS

CVE•added 2015/07/03 1:59 a.m.•49 views

CVE-2015-3660

Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL in embedded PDF content.

4.3CVSS6.6AI score0.0032EPSS

CVE•added 2015/03/18 10:59 p.m.•48 views

CVE-2015-1073

6.8CVSS8.8AI score0.00787EPSS

Total number of security vulnerabilities55