Lucene search
+L

211 matches found

cve
cve
added 2010/07/30 8:0 p.m.60 views

CVE-2010-1789

The vulnerability CVE-2010-1789 is a heap-based buffer overflow in WebKit used by Safari, triggered by handling of JavaScript string objects. Affected products include Safari on Mac OS X (versions 10.4, 10.5–10.6) and Windows, with Safari 5.0.1 (Mac OS X 10.5–10.6) and 4.1.1 (Mac OS X 10.4) addre...

9.3CVSS8.7AI score0.06477EPSS
cve
cve
added 2011/03/03 7:0 p.m.60 views

CVE-2011-0117

CVE-2011-0117 affects WebKit as used by Apple iTunes on Windows prior to 10.2. The vulnerability enables man‑in‑the‑middle attackers to trigger memory corruption, leading to arbitrary code execution or a denial of service (application crash) via iTunes Store browsing related vectors. Root cause i...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.60 views

CVE-2011-0132

CVE-2011-0132 is a use-after-free vulnerability in WebKit's Runin box of the CSS 2.1 Visual Formatting Model, affecting WebKit builds used by Apple iTunes before 10.2 on Windows and Apple Safari . If exploited, it could allow a remote attacker to achieve arbitrary code execution or memory corrupt...

7.6CVSS9.2AI score0.03181EPSS
cve
cve
added 2011/03/03 7:0 p.m.60 views

CVE-2011-0141

CVE-2011-0141 affects WebKit used by Apple iTunes on Windows prior to 10.2. The vulnerability arises from memory corruption in WebKit during iTunes Store browsing, which can enable arbitrary code execution or cause a denial of service when loading certain content. Exploitation could lead to a com...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.60 views

CVE-2011-0155

CVE-2011-0155 affects WebKit as used by Apple iTunes on Windows prior to version 10.2. The vulnerability allows a man-in-the-middle to trigger memory corruption in WebKit via iTunes Store browsing, leading to arbitrary code execution or a denial of service (application crash). Root cause is memor...

7.6CVSS9.2AI score0.02707EPSS
cve
cve
added 2011/07/21 11:0 p.m.60 views

CVE-2011-0242

CVE-2011-0242 affects Safari/WebKit (Apple) with a cross-site scripting (XSS) vulnerability in WebKit that can be triggered by a URL containing a username. The initial CVE description confirms the XSS vector, and Nessus/OpenVAS-derived entries corroborate no vendor patch is available for Linux di...

4.3CVSS6.4AI score0.01693EPSS
cve
cve
added 2011/10/12 6:0 p.m.60 views

CVE-2011-3238

CVE-2011-3238 affects WebKit as used in Apple iTunes before version 10.5. The vulnerability allows a man-in-the-middle attacker to cause memory corruption and application crash or to execute arbitrary code via vectors related to iTunes Store browsing. Exploitation details (specific exploit vector...

7.6CVSS7.5AI score0.02631EPSS
cve
cve
added 2013/12/18 11:0 a.m.60 views

CVE-2013-5196

CVE-2013-5196 : WebKit used by Apple Safari (pre-6.1.1 and pre-7.0.1 for 7.x) is vulnerable to a crafted site that can cause memory corruption, enabling remote code execution or a denial of service (application crash). The provided documents do not specify exploit details or in‑the‑wild occurrenc...

6.8CVSS7.8AI score0.02144EPSS
cve
cve
added 2013/12/18 11:0 a.m.60 views

CVE-2013-5225

CVE-2013-5225 affects WebKit as used by Apple Safari, where a crafted website can lead to remote code execution or a memory-corruption-driven crash. The advisory notes this is a WebKit vulnerability separate from other CVEs and specifies affected Safari versions: before 6.1.1 on some platforms an...

6.8CVSS7.8AI score0.02144EPSS
cve
cve
added 2010/06/11 5:28 p.m.59 views

CVE-2010-1413

CVE-2010-1413 affects WebKit in Apple Safari prior to 5.0 on Windows and macOS (and Safari before 4.1 on Mac OS X 10.4). The flaw allows NTLM credentials to be sent in cleartext under unspecified circumstances, enabling man-in-the-middle attackers to access sensitive information via unspecified v...

5CVSS7.2AI score0.02399EPSS
cve
cve
added 2011/03/03 7:0 p.m.59 views

CVE-2011-0124

CVE-2011-0124 affects WebKit as used in Apple iTunes before 10.2 on Windows. It allows a man‑in‑the‑middle attacker to execute arbitrary code or cause a memory corruption and application crash via iTunes Store browsing vectors (a distinct issue from other CVEs). Root cause and exact component/imp...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.59 views

CVE-2011-0139

CVE-2011-0139 is described in the provided records as a WebKit-based vulnerability in Apple iTunes before 10.2 on Windows, allowing a man-in-the-middle attacker to execute arbitrary code or cause a denial of service (memory corruption and application crash) via iTunes Store browsing vectors. The ...

7.6CVSS9.2AI score0.02341EPSS
cve
cve
added 2011/03/11 10:0 p.m.59 views

CVE-2011-0161

CVE-2011-0161 affects WebKit as used in Apple Safari before 5.0.4 and iOS before 4.3. The vulnerability arises from how the Attr.style accessor is handled, allowing remote attackers to bypass the Same Origin Policy and inject CSS token sequences via a crafted website. The described impact is that...

4.3CVSS8AI score0.01655EPSS
cve
cve
added 2011/10/12 6:0 p.m.59 views

CVE-2011-2817

CVE-2011-2817: A WebKit vulnerability used by Apple iTunes prior to 10.5 allows man-in-the-middle attackers to trigger memory corruption and crash, with potential arbitrary code execution via iTunes Store browsing. No remediation details are provided in the supplied documents.

7.6CVSS7.5AI score0.02288EPSS
cve
cve
added 2011/10/12 6:0 p.m.59 views

CVE-2011-3233

CVE-2011-3233 affects WebKit as used by Apple iTunes before version 10.5. The vulnerability, revealed through iTunes Store browsing, allows a man-in-the-middle attacker to cause memory corruption and application crash or to execute arbitrary code. This is a WebKit-related issue that can lead to a...

7.6CVSS7.5AI score0.02301EPSS
cve
cve
added 2012/03/08 10:0 p.m.59 views

CVE-2012-0638

Technical details about CVE-2012-0638 are not provided in the connected documents. The sources reference WebKit/iTunes vulnerabilities in general but do not specify affected versions, root cause, or fixes for this CVE. Monitor for updates.

7.6CVSS7.5AI score0.02417EPSS
cve
cve
added 2010/11/20 9:0 p.m.58 views

CVE-2010-3821

WebKit in Apple Safari prior to 5.0.3 (Mac OS X 10.5–10.6) and

9.3CVSS8.8AI score0.04358EPSS
cve
cve
added 2011/03/03 7:0 p.m.58 views

CVE-2011-0111

CVE-2011-0111 affects WebKit as used in Apple iTunes before 10.2 on Windows. The vulnerability allows a man-in-the-middle to cause memory corruption, enabling arbitrary code execution or a denial of service (application crash) via vectors related to iTunes Store browsing. The provided documents i...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.58 views

CVE-2011-0135

CVE-2011-0135 affects WebKit used by Apple iTunes on Windows (pre-10.2). It allows a man-in-the-middle to cause memory corruption and arbitrary code execution or a denial of service via iTunes Store browsing. Exploitation details are not provided in the connected documents.

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.58 views

CVE-2011-0156

Technical details about CVE-2011-0156 are not publicly provided in the connected documents. The initial description notes WebKit/iTunes Store browsing vectors, but there are no explicit affected versions, root cause analysis, or fixes in the supplied sources. Monitor for updates.

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/07/21 11:0 p.m.58 views

CVE-2011-0223

CVE-2011-0223 affects WebKit as used in Apple Safari prior to 5.0.6. The vulnerability enables remote attackers to cause memory corruption or arbitrary code execution (or a denial of service) via a crafted web site. Several connected sources reiterate this WebKit/WebKit-derived issue in Safari, w...

9.3CVSS8.8AI score0.03564EPSS
cve
cve
added 2011/10/12 6:0 p.m.58 views

CVE-2011-2815

CVE-2011-2815 affects WebKit as used in Apple iTunes before 10.5. The vulnerability allows a man-in-the-middle to execute arbitrary code or cause a denial of service (memory corruption and application crash) via iTunes Store browsing-related vectors. The connected Nessus/OpenVAS references descri...

7.6CVSS7.5AI score0.02288EPSS
cve
cve
added 2011/12/07 7:0 p.m.58 views

CVE-2011-4692

The CVE-2011-4692 issue affects WebKit as used by Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier. The root cause is that the browser does not prevent timing-based data leakage when loading images, allowing remote attackers to infer whether an image is cached via crafted JavaScrip...

5CVSS5.7AI score0.01213EPSS
cve
cve
added 2011/03/03 7:0 p.m.57 views

CVE-2011-0129

The CVE-2011-0129 entry affects WebKit as used by Apple iTunes before version 10.2 on Windows. The vulnerability arises in WebKit and can be triggered via iTunes Store browsing, enabling memory corruption that may lead to arbitrary code execution or a denial of service (application crash). The de...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.57 views

CVE-2011-0153

CVE-2011-0153 affects WebKit as used in Apple iTunes before 10.2 on Windows. The vulnerability allows MITM attackers to execute arbitrary code or cause memory corruption and application crash via iTunes Store browsing. Connected documents provide concrete details: affected component WebKit, attac...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/07/21 11:0 p.m.57 views

CVE-2011-0238

CVE-2011-0238 affects WebKit as used by Apple Safari prior to 5.0.6. A crafted website can trigger memory corruption in WebKit, enabling remote code execution or causing a denial of service (application crash). Root cause: memory corruption in WebKit when handling crafted content. Affected produc...

9.3CVSS8.8AI score0.03923EPSS
cve
cve
added 2011/10/12 6:0 p.m.57 views

CVE-2011-3241

CVE-2011-3241 affects WebKit as used in Apple iTunes prior to 10.5. The vulnerability allows man-in-the-middle attackers to trigger memory corruption and application crashes, potentially leading to arbitrary code execution or a denial of service via iTunes Store browsing vectors. The connected so...

7.6CVSS7.5AI score0.02301EPSS
cve
cve
added 2013/12/18 11:0 a.m.57 views

CVE-2013-5195

CVE-2013-5195 affects WebKit as used by Safari (Mac OS X) before Safari 6.1.1 and Safari 7.x before 7.0.1. The issue is a memory corruption vulnerability in WebKit that can be triggered by visiting a crafted site, potentially leading to remote code execution or a denial of service (application cr...

6.8CVSS7.9AI score0.02142EPSS
cve
cve
added 2010/11/20 9:0 p.m.56 views

CVE-2010-3817

CVE-2010-3817 affects WebKit/Safari: an improper cast during CSS 3D transforms in Safari < 5.0.3 (Mac OS X 10.5–10.6, Windows) and

9.3CVSS8.7AI score0.04448EPSS
cve
cve
added 2011/03/03 7:0 p.m.56 views

CVE-2011-0113

CVE-2011-0113 affects WebKit as used in Apple iTunes before 10.2 on Windows. The vulnerability allows a man-in-the-middle attacker to cause memory corruption and application crash or to execute arbitrary code via vectors related to iTunes Store browsing. This is the vulnerability described for We...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.56 views

CVE-2011-0119

CVE-2011-0119 affects WebKit as used in Apple iTunes before 10.2 on Windows. The vulnerability allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) through vectors related to iTunes Store browsing. The provided documen...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.56 views

CVE-2011-0126

CVE-2011-0126 , as described in the initial document, affects WebKit as used by Apple iTunes prior to version 10.2 on Windows. The vulnerability enables man-in-the-middle attackers to cause memory corruption or execute arbitrary code, or to cause a denial of service, via vectors related to iTunes...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.56 views

CVE-2011-0152

CVE-2011-0152 concerns WebKit in Apple iTunes for Windows prior to version 10.2. Exploitation via iTunes Store browsing could allow MITM attackers to execute arbitrary code or cause a denial of service through memory corruption and application crashes. The vulnerability involves WebKit components...

7.6CVSS9.2AI score0.02707EPSS
cve
cve
added 2011/07/21 11:0 p.m.56 views

CVE-2011-0237

CVE-2011-0237 affects WebKit as used in Apple Safari before 5.0.6. The issue permits remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted website. Root cause, as described in the sources, is memory corruption within WebKit...

9.3CVSS8.8AI score0.03564EPSS
cve
cve
added 2011/10/12 6:0 p.m.56 views

CVE-2011-2811

CVE-2011-2811 affects WebKit as used in Apple iTunes before 10.5. The vulnerability allows man-in-the-middle attackers to cause memory corruption in the WebKit component via iTunes Store browsing, potentially enabling arbitrary code execution or a denial of service (application crash). The descri...

7.6CVSS7.5AI score0.02216EPSS
cve
cve
added 2012/03/08 10:0 p.m.56 views

CVE-2012-0648

Technical details for CVE-2012-0648 are not provided in the connected documents. No affected product/version, root cause, or remediation is specified. Monitor for updates.

7.6CVSS7.5AI score0.02417EPSS
cve
cve
added 2010/11/20 9:0 p.m.55 views

CVE-2010-3811

CVE-2010-3811 affects Apple Safari/WebKit. The vulnerability is a use-after-free in WebKit’s handling of element attributes, enabling remote code execution or a denial of service. Affected: Safari before 5.0.3 on Mac OS X 10.4–10.6 and Windows (and before 4.1.3 on Mac OS X 10.4). Exploitation det...

9.3CVSS8.6AI score0.05829EPSS
cve
cve
added 2010/11/20 9:0 p.m.55 views

CVE-2010-3822

CVE-2010-3822 affects WebKit used by Apple Safari: uninitialized pointer accessed during CSS counter styles processing, allowing remote code execution or a crash. Impact is high (remote code execution/DoS) across Safari versions before 5.0.3 on macOS 10.5–10.6 and Windows, and before 4.1.3 on mac...

9.3CVSS8.6AI score0.04448EPSS
cve
cve
added 2011/03/03 7:0 p.m.55 views

CVE-2011-0133

The CVE-2011-0133 entry concerns WebKit as used in Apple iTunes before 10.2 on Windows. The vulnerability stems from improper access to glyph data during layout actions for floating blocks associated with pseudo-elements, which can enable a man-in-the-middle attacker to trigger arbitrary code exe...

7.6CVSS9.2AI score0.03181EPSS
cve
cve
added 2011/03/03 7:0 p.m.55 views

CVE-2011-0168

CVE-2011-0168 is a WebKit-based vulnerability affecting Apple WebKit as used by iTunes on Windows prior to iTunes 10.2. The description in the initial doc states that WebKit in this context allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service via iTunes Store ...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/07/21 11:0 p.m.55 views

CVE-2011-0221

CVE-2011-0221 affects WebKit as used by Apple Safari prior to 5.0.6. The vulnerability allows remote attackers to trigger memory corruption via a crafted website, leading to arbitrary code execution or a crash (DoS). Exploitation is tied to WebKit’s handling of memory; multiple public advisories ...

9.3CVSS8.8AI score0.03923EPSS
cve
cve
added 2013/12/18 11:0 a.m.55 views

CVE-2013-5198

CVE-2013-5198 affects WebKit as used by Apple Safari. The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted website, due to memory corruption. Affected software versions are Safari before 6.1.1 and Safari 7.x before 7.0.1. Connected sources corrobo...

6.8CVSS7.8AI score0.02163EPSS
cve
cve
added 2011/03/03 7:0 p.m.54 views

CVE-2011-0140

CVE-2011-0140 affects WebKit used by Apple iTunes on Windows prior to 10.2. It allows MITM-related vectors in iTunes Store browsing to trigger memory corruption, enabling arbitrary code execution or a denial of service (application crash). The vulnerability is rooted in WebKit components within i...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.54 views

CVE-2011-0147

CVE-2011-0147 affects WebKit as used in Apple iTunes before 10.2 on Windows. The vulnerability allows a man-in-the-middle attacker to cause memory corruption in WebKit via iTunes Store browsing, leading to arbitrary code execution or a denial of service (application crash). Root cause is memory c...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.54 views

CVE-2011-0151

CVE-2011-0151 concerns WebKit as used in Apple iTunes before 10.2 on Windows. The issue allows man‑in‑the‑middle attackers to trigger memory corruption via iTunes Store browsing, potentially enabling arbitrary code execution or causing a denial of service. The connected Nessus/OpenVAS entries ref...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2012/03/08 10:0 p.m.54 views

CVE-2012-0639

WebKit in Apple iTunes before 10.6 is affected by CVE-2012-0639. The vulnerability enables MITM attackers to execute arbitrary code or cause memory corruption/DoS via iTunes Store browsing vectors. The description does not specify affected versions beyond “before 10.6” or root cause details beyon...

7.6CVSS7.5AI score0.02417EPSS
cve
cve
added 2010/11/20 9:0 p.m.53 views

CVE-2010-3819

WebKit/Apple Safari vulnerability CVE-2010-3819 affects Safari before 5.0.3 on Mac OS X 10.5–10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, where an improper cast of an unspecified CSS box variable can be exploited by a crafted site to execute arbitrary code or crash the application. Impact...

9.3CVSS8.7AI score0.04448EPSS
cve
cve
added 2011/03/03 7:0 p.m.53 views

CVE-2011-0131

CVE-2011-0131 affects WebKit as used by Apple iTunes on Windows prior to 10.2. The vulnerability stems from WebKit handling related to iTunes Store browsing, enabling a man‑in‑the‑middle attacker to run arbitrary code or cause a memory‑related crash/DoS. Impact is described as arbitrary code exec...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.53 views

CVE-2011-0137

CVE-2011-0137 affects WebKit as used in Apple iTunes before 10.2 on Windows. Vulnerability allows a man-in-the-middle attacker to execute arbitrary code or cause a memory-corruption–driven denial of service via iTunes Store browsing vectors. Public references indicate Apple security updates HT456...

7.6CVSS9.2AI score0.02631EPSS
cve
cve
added 2011/03/03 7:0 p.m.53 views

CVE-2011-0143

The CVE-2011-0143 issue affects WebKit as used in Apple iTunes before 10.2 on Windows. The vulnerability stems from WebKit-related browsing vectors in iTunes Store access, enabling a man-in-the-middle attacker to execute arbitrary code or cause a denial of service via memory corruption and applic...

7.6CVSS9.2AI score0.02631EPSS
Total number of security vulnerabilities211