VYPR

Safari

by Apple Inc.

CVEs (1,615)

  • CVE-2024-44244MedOct 28, 2024
    risk 0.28cvss 4.3epss 0.01

    A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 18.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2024-40776MedJul 29, 2024
    risk 0.28cvss 4.3epss 0.01

    A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an…

  • CVE-2024-23273MedMar 8, 2024
    risk 0.28cvss 4.3epss 0.01

    This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication.

  • CVE-2022-46705MedFeb 27, 2023
    risk 0.28cvss 4.3epss 0.01

    A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing.

  • CVE-2022-32868MedSep 20, 2022
    risk 0.28cvss 4.3epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. A website may be able to track users through Safari web extensions.

  • CVE-2022-22654MedMar 18, 2022
    risk 0.28cvss 4.3epss 0.01

    A user interface issue was addressed. This issue is fixed in watchOS 8.5, Safari 15.4. Visiting a malicious website may lead to address bar spoofing.

  • CVE-2020-9993MedDec 8, 2020
    risk 0.28cvss 4.3epss 0.01

    The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Visiting a malicious website may lead to address bar spoofing.

  • CVE-2020-9987MedDec 8, 2020
    risk 0.28cvss 4.3epss 0.01

    An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 14.0. Visiting a malicious website may lead to address bar spoofing.

  • CVE-2020-9945MedDec 8, 2020
    risk 0.28cvss 4.3epss 0.01

    A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, Safari 14.0.1. Visiting a malicious website may lead to address bar spoofing.

  • CVE-2020-9942MedDec 8, 2020
    risk 0.28cvss 4.3epss 0.01

    An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, Safari 13.1.2. Visiting a malicious website may lead to address bar spoofing.

  • CVE-2020-9857MedOct 27, 2020
    risk 0.28cvss 4.3epss 0.01

    An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra. A malicious website may be able to exfiltrate autofilled data…

  • CVE-2019-8898MedOct 27, 2020
    risk 0.28cvss 4.3epss 0.01

    An information disclosure issue existed in the handling of the Storage Access API. This issue was addressed with improved logic. This issue is fixed in iOS 13.3 and iPadOS 13.3, tvOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows. Visiting a maliciously crafted website may…

  • CVE-2019-8827MedOct 27, 2020
    risk 0.28cvss 4.3epss 0.01

    The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2,…

  • CVE-2020-9894MedOct 16, 2020
    risk 0.28cvss 4.3epss 0.03

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause…

  • CVE-2020-9784MedApr 1, 2020
    risk 0.28cvss 4.3epss 0.01

    A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1. A malicious iframe may use another website’s download settings.

  • CVE-2020-3887MedApr 1, 2020
    risk 0.28cvss 4.3epss 0.01

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated.

  • CVE-2020-3885MedApr 1, 2020
    risk 0.28cvss 4.3epss 0.02

    A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed.

  • CVE-2020-3833MedFeb 27, 2020
    risk 0.28cvss 4.3epss 0.01

    An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.5. Visiting a malicious website may lead to address bar spoofing.

  • CVE-2019-8670MedDec 18, 2019
    risk 0.28cvss 4.3epss 0.01

    An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6, Safari 12.1.2. Visiting a malicious website may lead to address bar spoofing.

  • CVE-2018-4445MedApr 3, 2019
    risk 0.28cvss 4.3epss 0.01

    "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2.

Page 39 of 81