Total
1474 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-1309 | 1 Apple | 1 Safari | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | |||||
CVE-2014-1308 | 1 Apple | 1 Safari | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | |||||
CVE-2014-1307 | 1 Apple | 1 Safari | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | |||||
CVE-2014-1305 | 1 Apple | 1 Safari | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | |||||
CVE-2014-1304 | 1 Apple | 1 Safari | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | |||||
CVE-2014-1303 | 1 Apple | 1 Safari | 2024-11-21 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014. | |||||
CVE-2014-1302 | 1 Apple | 1 Safari | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | |||||
CVE-2014-1301 | 1 Apple | 2 Itunes, Safari | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | |||||
CVE-2014-1300 | 1 Apple | 2 Mac Os X, Safari | 2024-11-21 | 10.0 HIGH | N/A |
Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014. | |||||
CVE-2014-1299 | 1 Apple | 1 Safari | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | |||||
CVE-2014-1298 | 1 Apple | 1 Safari | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. | |||||
CVE-2014-1297 | 1 Apple | 1 Safari | 2024-11-21 | 5.0 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not properly validate WebProcess IPC messages, which allows remote attackers to bypass a sandbox protection mechanism and read arbitrary files by leveraging WebProcess access. | |||||
CVE-2014-1270 | 1 Apple | 4 Mac Os X, Mac Os X Server, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. | |||||
CVE-2014-1269 | 1 Apple | 4 Mac Os X, Mac Os X Server, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. | |||||
CVE-2014-1268 | 1 Apple | 4 Mac Os X, Mac Os X Server, Safari and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270. | |||||
CVE-2013-7127 | 1 Apple | 2 Mac Os X, Safari | 2024-11-21 | 2.1 LOW | N/A |
Apple Safari 6.0.5 on Mac OS X 10.7.5 and 10.8.5 stores cleartext credentials in LastSession.plist, which allows local users to obtain sensitive information by reading this file. | |||||
CVE-2013-6835 | 1 Apple | 2 Iphone Os, Safari | 2024-11-21 | 5.0 MEDIUM | N/A |
TelephonyUI Framework in Apple iOS 7 before 7.1, when Safari is used, does not require user confirmation for FaceTime audio calls, which allows remote attackers to obtain telephone number or e-mail address information via a facetime-audio: URL. | |||||
CVE-2013-5228 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | |||||
CVE-2013-5227 | 1 Apple | 1 Safari | 2024-11-21 | 6.4 MEDIUM | N/A |
Apple Safari before 6.1.1 and 7.x before 7.0.1 allows remote attackers to bypass the Same Origin Policy and discover credentials by triggering autofill of subframe form fields. | |||||
CVE-2013-5225 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2024-11-21 | 6.8 MEDIUM | N/A |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |