39 matches found
CVE-2017-13870
CVE-2017-13870 affects Apple WebKit across multiple platforms (iOS prior to 11.2, Safari prior to 11.0.2, tvOS prior to 11.2, iCloud/ iTunes on Windows) with memory-corruption issues in WebKit that could allow arbitrary code execution or cause a crash via a crafted web site. The public documents ...
CVE-2017-13856
Summary: CVE-2017-13856 concerns Apple WebKit in iOS, Safari, tvOS, iCloud/iTunes components. The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted web site, due to memory corruption in WebKit. Affected products include iOS before 11.2, Safari befo...
CVE-2017-13866
CVE-2017-13866 affects Apple WebKit across multiple Apple platforms (iOS <11.2, Safari <11.0.2, tvOS <11.2, iCloud for Windows <7.2, iTunes for Windows
CVE-2017-7061
CVE-2017-7061 concerns WebKit in multiple Apple platforms (iOS, macOS Safari, tvOS, WebKitGTK+), with memory corruption and DOMParser handling issues that could allow arbitrary code execution or cross-origin data leakage when processing malicious web content. Public advisories link this to severa...
CVE-2017-7156
CVE-2017-7156 affects WebKit in Apple platforms: iOS <11.2, Safari <11.0.2, tvOS <11.2, iCloud for Windows 7.2, and iTunes for Windows
CVE-2017-7037
CVE-2017-7037 affects WebKit in multiple Apple platforms (iOS before 10.3.3, Safari before 10.1.2, tvOS before 10.2.2, iCloud/iTunes on Windows). Root issue: memory handling/processing of malicious web content in WebKit could allow arbitrary code execution or cross-origin data leakage when handli...
CVE-2017-7056
CVE-2017-7056 is a WebKit issue affecting multiple Apple platforms (iOS, macOS, Apple TV, Windows iCloud/iTunes components in related feeds) where an attacker-controlled website could exfiltrate cross-origin data by abusing SVG filters in a crafted web page. Descriptions in the connected docs ind...
CVE-2017-7157
CVE-2017-7157 affects WebKit components across Apple devices (iOS, Safari, tvOS, iCloud/iTunes on Windows). The root issue is multiple memory corruption vulnerabilities in WebKit that could allow remote attackers to execute arbitrary code or cause a denial of service via a crafted web site. Affec...
CVE-2017-7049
CVE-2017-7049 affects Apple products via the WebKit component. A crafted web site may allow remote attackers to execute arbitrary code or cause memory corruption leading to a denial of service. Affected: iOS < 10.3.3; Safari < 10.1.2; iCloud on Windows < 6.2.2; iTunes on Windows < 12....
CVE-2017-7038
CVE-2017-7038 is a WebKit/DOMParser vulnerability affecting Apple platforms. A logic issue in the DOMParser handling could allow cross‑site scripting when processing malicious web content. Affected: iOS prior to 10.3.3, Safari prior to 10.1.2, and tvOS prior to 10.2.2. Mitigation: upgrade to iOS ...
CVE-2017-7048
CVE-2017-7048 affects WebKit components across Apple products (iOS 10.x, Safari 10.x, tvOS 10.x, iCloud/iTunes on Windows) and WebKitGTK+ before 2.16.6. In Apple products, the issue is described as memory corruption leading to remote code execution or a crash via a crafted web site; WebKitGTK+ re...
CVE-2017-7055
CVE-2017-7055 affects WebKit components in Apple software (iOS Safari, macOS Safari, WebKitGTK+ for Linux) with a memory-corruption/related issue that could allow remote code execution or memory corruption via a crafted web site. Public records show multiple related CVEs in WebKit/GTK ports aroun...
CVE-2017-7039
CVE-2017-7039 is a WebKit vulnerability affecting Apple WebKit-based products (iOS Safari, macOS Safari, tvOS, etc.). The issue arises from memory corruption in WebKit when processing maliciously crafted web content, allowing a remote attacker to execute arbitrary code or cause a memory corruptio...
CVE-2017-7034
CVE-2017-7034 concerns WebKit/WebKitGTK+ components used in Apple platforms and WebKitGTK+ on Linux. The issue is described as memory corruption during processing of maliciously crafted web content, enabling arbitrary code execution on affected systems and potentially memory corruption leading to...
CVE-2017-7041
CVE-2017-7041 affects WebKit in multiple Apple platforms: iOS before 10.3.3, Safari before 10.1.2, iCloud on Windows before 6.2.2, iTunes on Windows before 12.6.2, and tvOS before 10.2.2. The vulnerability allows a remote attacker to execute arbitrary code or cause a denial of service by visiting...
CVE-2017-7006
CVE-2017-7006 affects Apple WebKit components used in iOS, Safari, and tvOS prior to patches (iOS 10.3.3, Safari 10.1.2, tvOS 10.2.2). The issue is a timing side-channel vulnerability that allows a remote attacker to bypass the Same Origin Policy and exfiltrate cross-origin data via a crafted web...
CVE-2017-7160
CVE-2017-7160 affects Apple products with the WebKit engine (iOS <11.2, Safari <11.0.2, tvOS
CVE-2017-7046
CVE-2017-7046 affects WebKit components in Apple products (iOS, Safari, tvOS, iCloud/iTunes on Windows). The issue is described as memory corruption that can be triggered by processing crafted web content, leading to remote arbitrary code execution or a crash. The Apple advisories confirm affecte...
CVE-2017-7052
CVE-2017-7052 affects Apple’s WebKit-based stack across multiple Apple platforms: iOS <10.3.3, Safari <10.1.2, iCloud on Windows <6.2.2, iTunes on Windows <12.6.2, and tvOS
CVE-2017-7018
CVE-2017-7018 affects WebKit in Apple platforms (iOS before 10.3.3, Safari before 10.1.2, tvOS before 10.2.2; iCloud/iTunes on Windows) and can be triggered by processing malicious web content to cause arbitrary code execution or memory corruption leading to a crash. Connected documents indicate ...
CVE-2017-13792
CVE-2017-13792 is a WebKit use-after-free/memory corruption issue that could allow remote code execution or a memory corruption crash via a crafted web page. Affected products per Apple advisories: iOS before 11.1, Safari before 11.0.1, iCloud on Windows, iTunes 12.7.1 for Windows, and tvOS befor...
CVE-2017-13791
CVE-2017-13791 is a WebKit use-after-free remote code execution issue disclosed in Apple advisories. It affected iOS before 11.1, Safari before 11.0.1, tvOS before 11.1, and Windows components (iTunes 12.7.1, iCloud 7.1) via crafted web content. An exploit exists (Exploit-DB: 43176). Patches were...
CVE-2017-13794
CVE-2017-13794 relates to WebKit/WebKitGTK+ vulnerabilities discovered in 2017. Multiple memory-corruption issues in WebKit allow remote attackers to execute arbitrary code or cause a denial of service when a user visits crafted web content. Affected products include WebKitGTK+ (Linux distributio...
CVE-2017-7019
CVE-2017-7019 affects WebKit Page Loading in multiple Apple platforms (iOS <10.3.3, Safari <10.1.2, tvOS
CVE-2017-7042
CVE-2017-7042 involves WebKit in Apple ecosystem (iOS < 10.3.3, Safari < 10.1.2, iCloud on Windows < 6.2.2, iTunes on Windows < 12.6.2, tvOS
CVE-2017-7030
CVE-2017-7030 affects WebKit components across Apple platforms (iOS Safari, tvOS, Windows iCloud/iTunes) and WebKitGTK+ ecosystems. The issue is a memory corruption/misdirected processing vulnerability in WebKit that can allow arbitrary code execution or memory corruption when visiting a crafted ...
CVE-2017-13784
CVE-2017-13784 affects Apple WebKit in multiple products (iOS <11.1, Safari <11.0.1, iCloud for Windows <7.1, iTunes for Windows <12.7.1, tvOS
CVE-2017-13798
CVE-2017-13798 affects WebKit components in several Apple platforms (iOS, Safari, tvOS, iCloud/iTunes) prior to their 11.1/11.0.1 updates. The issue enables remote code execution or a memory-corruption-based denial of service via crafted web content, as described by Apple’s security notes for iOS...
CVE-2017-13803
CVE-2017-13803 concerns WebKit in multiple Apple OS components (iOS <11.1, Safari <11.0.1, tvOS
CVE-2017-13793
CVE-2017-13793 concerns WebKit in Apple products (iOS<11.1, Safari<11.0.1, iCloud on Windows, iTunes on Windows, tvOS
CVE-2017-13795
CVE-2017-13795 affects Apple WebKit across multiple platforms (iOS, Safari, tvOS, iCloud/Windows, iTunes for Windows). Root issue is memory corruption in WebKit leading to remote code execution or memory-based DoS when processing crafted web content. Affected versions include iOS before 11.1, Saf...
CVE-2017-13788
CVE-2017-13788 affects Apple WebKit so that processing malicious web content could lead to arbitrary code execution or memory corruption on Apple devices. The Apple advisories correlate this with WebKit issues addressed in iOS 11.1 (and Safari 11.0.1) and tvOS 11.1, with WebKit memory-corruption ...
CVE-2017-7020
CVE-2017-7020 affects WebKit components across multiple Apple platforms (iOS prior to 10.3.3, Safari prior to 10.1.2, iCloud on Windows prior to 6.2.2, iTunes on Windows prior to 12.6.2, tvOS prior to 10.2.2). The issue allows a remote attacker to execute arbitrary code or cause a denial of servi...
CVE-2017-13783
CVE-2017-13783 impacts Apple WebKit across multiple platforms (iOS 11.1 and earlier, Safari 11.0.1 and earlier, iCloud/iTunes on Windows, tvOS 11.1). The issue is a memory corruption vulnerability in WebKit that could allow remote attackers to execute arbitrary code or cause a denial of service v...
CVE-2017-13796
CVE-2017-13796 affects Apple’s WebKit across multiple platforms (iOS, Safari, tvOS, Windows iTunes/iCloud). The issue is due to memory corruption in WebKit that could allow remote attackers to execute arbitrary code or cause a crash via a crafted web page. Affected products include iOS before 11....
CVE-2017-13802
CVE-2017-13802 affects WebKit in multiple Apple platforms (iOS before 11.1, Safari before 11.0.1, tvOS before 11.1, iCloud/iTunes on Windows). The issue allows remote code execution or memory corruption via crafted web content. Root cause: memory corruption in WebKit leading to arbitrary code exe...
CVE-2017-13785
CVE-2017-13785 is a WebKit-related vulnerability affecting Apple devices and software listed by Apple for the 2017-11 window: iOS <11.1, Safari <11.0.1, iCloud on Windows, iTunes for Windows, and tvOS
CVE-2016-4583
CVE-2016-4583 is a WebKit/SVG timing-based information disclosure in Apple WebKit components. Affected products include iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2. The flaw enables a remote attacker to bypass the Same Origin Policy and obtain image data from a site the use...
CVE-2016-4592
CVE-2016-4592 affects WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2. The issue allows a remote attacker to cause a denial of service via memory consumption when visiting a crafted website. Public sources describe the vulnerability as a memory‑consumption/DoS issue i...