Total
1466 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-5820 | 1 Apple | 2 Iphone Os, Safari | 2024-02-28 | 4.3 MEDIUM | N/A |
WebKit in Apple iOS before 9 allows remote attackers to trigger a dialing action via a crafted (1) tel://, (2) facetime://, or (3) facetime-audio:// URL. | |||||
CVE-2015-5788 | 1 Apple | 2 Iphone Os, Safari | 2024-02-28 | 4.3 MEDIUM | N/A |
The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element. | |||||
CVE-2016-1726 | 1 Apple | 3 Iphone Os, Safari, Watchos | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
WebKit, as used in Apple iOS before 9.2.1 and Safari before 9.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1723 and CVE-2016-1725. | |||||
CVE-2015-1155 | 1 Apple | 2 Iphone Os, Safari | 2024-02-28 | 4.3 MEDIUM | N/A |
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site. | |||||
CVE-2015-3732 | 1 Apple | 2 Iphone Os, Safari | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. | |||||
CVE-2015-7048 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096, CVE-2015-7097, CVE-2015-7098, CVE-2015-7099, CVE-2015-7100, CVE-2015-7101, CVE-2015-7102, and CVE-2015-7103. | |||||
CVE-2015-3747 | 2 Apple, Canonical | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. | |||||
CVE-2015-7011 | 1 Apple | 2 Itunes, Safari | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. | |||||
CVE-2016-4731 | 1 Apple | 2 Iphone Os, Safari | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4729. | |||||
CVE-2015-3737 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. | |||||
CVE-2015-3733 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. | |||||
CVE-2016-4733 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4734, and CVE-2016-4735. | |||||
CVE-2015-5929 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. | |||||
CVE-2015-3743 | 2 Apple, Canonical | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. | |||||
CVE-2015-3740 | 1 Apple | 3 Iphone Os, Itunes, Safari | 2024-02-28 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. | |||||
CVE-2015-3755 | 1 Apple | 2 Iphone Os, Safari | 2024-02-28 | 4.3 MEDIUM | N/A |
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL. | |||||
CVE-2016-4751 | 1 Apple | 1 Safari | 2024-02-28 | 4.3 MEDIUM | 3.5 LOW |
The Safari Tabs component in Apple Safari before 10 allows remote attackers to spoof the address bar of a tab via a crafted web site. | |||||
CVE-2016-4618 | 1 Apple | 2 Iphone Os, Safari | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)." | |||||
CVE-2016-1781 | 1 Apple | 2 Iphone Os, Safari | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attachment URLs, which makes it easier for remote web servers to track users via unspecified vectors. | |||||
CVE-2016-4760 | 2 Apple, Microsoft | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to conduct DNS rebinding attacks against non-HTTP Safari sessions by leveraging HTTP/0.9 support. |