Safari Security Vulnerabilities and Issues — Safari CVE List

Lucene search

AppleSafari

11 matches found

CVE•added 2022/11/01 8:15 p.m.•441 views

CVE-2022-26717

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.6AI score0.00508EPSS

CVE•added 2022/11/13 8:15 a.m.•315 views

CVE-2022-3970

A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and ma...

8.8CVSS7.6AI score0.0008EPSS

CVE•added 2022/11/01 8:15 p.m.•202 views

CVE-2022-32922

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00423EPSS

CVE•added 2022/11/01 8:15 p.m.•191 views

CVE-2022-42799

The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.

6.1CVSS6AI score0.00613EPSS

CVE•added 2022/11/01 8:15 p.m.•178 views

CVE-2022-26709

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.5AI score0.00162EPSS

CVE•added 2022/11/01 8:15 p.m.•166 views

CVE-2022-26716

A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.7AI score0.00154EPSS

CVE•added 2022/11/01 8:15 p.m.•158 views

CVE-2022-26719

8.8CVSS8.6AI score0.00154EPSS

CVE•added 2022/11/01 8:15 p.m.•139 views

CVE-2022-42823

A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8CVSS8.4AI score0.00449EPSS

CVE•added 2022/11/01 8:15 p.m.•137 views

CVE-2022-42824

A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information.

5.5CVSS5.7AI score0.00018EPSS

CVE•added 2022/11/01 8:15 p.m.•125 views

CVE-2022-32923

A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app.

6.5CVSS6.3AI score0.00194EPSS

CVE•added 2022/11/01 8:15 p.m.•87 views

CVE-2022-32892

An access issue was addressed with improvements to the sandbox. This issue is fixed in Safari 16, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions.

8.6CVSS7.5AI score0.0008EPSS