Filtered by vendor Apple
Subscriptions
Filtered by product Safari
Subscriptions
Total
1550 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-1340 | 1 Apple | 1 Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.5 and 7.x before 7.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1. | ||||
| CVE-2016-7153 | 5 Apple, Google, Microsoft and 2 more | 6 Safari, Chrome, Edge and 3 more | 2025-04-12 | N/A |
| The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack. | ||||
| CVE-2014-1341 | 1 Apple | 1 Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | ||||
| CVE-2014-1342 | 1 Apple | 1 Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | ||||
| CVE-2014-1338 | 1 Apple | 1 Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | ||||
| CVE-2016-4769 | 2 Apple, Microsoft | 3 Itunes, Safari, Windows | 2025-04-12 | N/A |
| WebKit in Apple iTunes before 12.5.1 on Windows and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
| CVE-2015-3659 | 1 Apple | 3 Iphone Os, Mac Os X, Safari | 2025-04-12 | N/A |
| The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. | ||||
| CVE-2016-1849 | 1 Apple | 2 Iphone Os, Safari | 2025-04-12 | N/A |
| The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before 9.3.2 and other products, mishandles the deletion of browsing history, which might allow local users to obtain sensitive information by leveraging read access to a Safari directory. | ||||
| CVE-2014-1339 | 1 Apple | 1 Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | ||||
| CVE-2016-1786 | 1 Apple | 2 Iphone Os, Safari | 2025-04-12 | N/A |
| The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx (aka redirection) status code, which allows remote attackers to spoof the displayed URL, bypass the Same Origin Policy, and obtain sensitive cached information via a crafted web site. | ||||
| CVE-2014-1331 | 1 Apple | 1 Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | ||||
| CVE-2014-1334 | 1 Apple | 1 Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | ||||
| CVE-2016-4623 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4589, CVE-2016-4622, and CVE-2016-4624. | ||||
| CVE-2016-4591 | 1 Apple | 4 Iphone Os, Safari, Tvos and 1 more | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors. | ||||
| CVE-2015-3658 | 1 Apple | 3 Iphone Os, Mac Os X, Safari | 2025-04-12 | N/A |
| The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site. | ||||
| CVE-2016-4766 | 2 Apple, Microsoft | 5 Iphone Os, Itunes, Safari and 2 more | 2025-04-12 | N/A |
| WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4759, CVE-2016-4765, CVE-2016-4767, and CVE-2016-4768. | ||||
| CVE-2016-4589 | 1 Apple | 4 Iphone Os, Safari, Tvos and 1 more | 2025-04-12 | N/A |
| WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE-2016-4624. | ||||
| CVE-2016-1724 | 2 Apple, Webkitgtk | 5 Iphone Os, Safari, Tvos and 2 more | 2025-04-12 | N/A |
| WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727. | ||||
| CVE-2014-1387 | 1 Apple | 1 Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. | ||||
| CVE-2014-1335 | 1 Apple | 1 Safari | 2025-04-12 | N/A |
| WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. | ||||