VYPR

Safari

by Apple Inc.

CVEs (1,615)

  • CVE-2020-9903HigOct 16, 2020
    risk 0.49cvss 7.5epss 0.01

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, Safari 13.1.2. A malicious attacker may cause Safari to suggest a password for the wrong domain.

  • CVE-2016-4676HigFeb 3, 2020
    risk 0.49cvss 7.5epss 0.02

    A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote malicious user obtain sensitive information.

  • CVE-2018-4329HigApr 3, 2019
    risk 0.49cvss 7.5epss 0.01

    Clearing a history item may not clear visits with redirect chains. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12, Safari 12.

  • CVE-2018-4274HigApr 3, 2019
    risk 0.49cvss 7.5epss 0.01

    A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2.

  • CVE-2018-4186HigJan 11, 2019
    risk 0.49cvss 7.5epss 0.01

    In Safari before 11.1, an information leakage issue existed in the handling of downloads in Safari Private Browsing. This issue was addressed with additional validation.

  • CVE-2018-4137HigApr 3, 2018
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. The issue involves the "Safari Login AutoFill" component. It allows remote attackers to read autofilled data by leveraging lack of a user-confirmation requirement.

  • CVE-2017-7090HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2016-10226HigApr 3, 2017
    risk 0.49cvss 7.5epss 0.02

    JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to…

  • CVE-2016-10222HigApr 3, 2017
    risk 0.49cvss 7.5epss 0.02

    runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion" in the…

  • CVE-2017-2419HigApr 2, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass a Content Security Policy protection mechanism via unspecified vectors.

  • CVE-2017-2377HigApr 2, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to cause a denial of service (memory corruption and application crash) by leveraging a…

  • CVE-2017-2376HigApr 2, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar by leveraging text input during the loading of a page.

  • CVE-2016-4591HigJul 22, 2016
    risk 0.49cvss 7.5epss 0.04

    WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors.

  • CVE-2025-31238HigMay 12, 2025
    risk 0.48cvss 7.3epss 0.01

    The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption.

  • CVE-2025-24209HigMar 31, 2025
    risk 0.46cvss 7.0epss 0.01

    A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2020-9952HigOct 16, 2020
    risk 0.46cvss 7.1epss 0.01

    An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site…

  • CVE-2020-9843HigJun 9, 2020
    risk 0.46cvss 7.1epss 0.01

    An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web…

  • CVE-2020-9805HigJun 9, 2020
    risk 0.46cvss 7.1epss 0.01

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead…

  • CVE-2017-2480MedApr 2, 2017
    risk 0.46cvss 6.5epss 0.04

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows…

  • CVE-2017-2479MedApr 2, 2017
    risk 0.46cvss 6.5epss 0.06

    An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows…

Page 26 of 81