Total
1466 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-1121 | 1 Apple | 1 Safari | 2024-02-28 | 5.0 MEDIUM | N/A |
Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags. | |||||
CVE-2003-0355 | 2 Apple, Kde | 2 Safari, Konqueror Embedded | 2024-02-28 | 5.0 MEDIUM | N/A |
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates. | |||||
CVE-2003-0370 | 4 Apple, Kde, Redhat and 1 more | 6 Safari, Kde, Konqueror Embedded and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | |||||
CVE-2004-0361 | 1 Apple | 1 Safari | 2024-02-28 | 5.0 MEDIUM | N/A |
The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into that array. | |||||
CVE-2003-0975 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2024-02-28 | 5.0 MEDIUM | N/A |
Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | |||||
CVE-2003-0514 | 1 Apple | 1 Safari | 2024-02-28 | 7.5 HIGH | N/A |
Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. |