Safari
by Apple Inc.
CVEs (1,615)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-4440 | Med | 0.28 | 4.3 | 0.02 | Apr 3, 2019 | A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. | ||
| CVE-2018-4307 | Med | 0.28 | 4.3 | 0.01 | Apr 3, 2019 | A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12. | ||
| CVE-2018-4278 | Med | 0.28 | 4.3 | 0.02 | Jan 11, 2019 | In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. | ||
| CVE-2018-4232 | Med | 0.28 | 4.3 | 0.02 | Jun 8, 2018 | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It… | ||
| CVE-2017-7144 | Med | 0.28 | 4.3 | 0.01 | Oct 23, 2017 | An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling. | ||
| CVE-2016-7592 | Med | 0.28 | 4.3 | 0.02 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component, which allows remote attackers to obtain sensitive… | ||
| CVE-2016-7581 | Med | 0.28 | 4.3 | 0.01 | Feb 20, 2017 | An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "Safari" component, which allows remote web servers to cause a denial of service via a crafted URL. | ||
| CVE-2016-1864 | Med | 0.28 | 4.3 | 0.02 | Jun 19, 2016 | The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL. | ||
| CVE-2016-1781 | Med | 0.28 | 4.3 | 0.01 | Mar 24, 2016 | WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attachment URLs, which makes it easier for remote web servers to track users via unspecified vectors. | ||
| CVE-2016-1772 | Med | 0.28 | 4.3 | 0.01 | Mar 24, 2016 | The Top Sites feature in Apple Safari before 9.1 mishandles cookie storage, which makes it easier for remote web servers to track users via unspecified vectors. | ||
| CVE-2009-2197 | Med | 0.28 | 4.3 | 0.01 | Mar 24, 2016 | Apple Safari before 9.1 allows remote attackers to spoof the user interface via a web page that places text in a crafted context, leading to unintended use of that text within a Safari dialog. | ||
| CVE-2016-1728 | Med | 0.28 | 4.3 | 0.02 | Feb 1, 2016 | The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the "a:visited button" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web… | ||
| CVE-2025-43265 | Med | 0.26 | 4.0 | 0.00 | Jul 30, 2025 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may disclose internal states of the app. | ||
| CVE-2016-4751 | Low | 0.23 | 3.5 | 0.01 | Sep 25, 2016 | The Safari Tabs component in Apple Safari before 10 allows remote attackers to spoof the address bar of a tab via a crafted web site. | ||
| CVE-2026-20656 | Low | 0.21 | 3.3 | 0.00 | Feb 11, 2026 | A logic issue was addressed with improved validation. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3. An app may be able to access a user's Safari history. | ||
| CVE-2024-40798 | Low | 0.21 | 3.3 | 0.00 | Jul 29, 2024 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to read Safari's browsing history. | ||
| CVE-2024-23211 | Low | 0.21 | 3.3 | 0.00 | Jan 23, 2024 | A privacy issue was addressed with improved handling of user preferences. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A user's private browsing activity may be visible in Settings. | ||
| CVE-2020-9912 | Low | 0.21 | 3.3 | 0.00 | Oct 16, 2020 | A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode. | ||
| CVE-2017-2384 | Low | 0.21 | 3.3 | 0.00 | Apr 2, 2017 | An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves mishandling of deletion within the SQLite subsystem of the "Safari" component. It allows local users to identify the web-site visits that occurred in Private Browsing mode. | ||
| CVE-2016-1849 | Low | 0.21 | 3.3 | 0.00 | May 20, 2016 | The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before 9.3.2 and other products, mishandles the deletion of browsing history, which might allow local users to obtain sensitive information by leveraging read access to a Safari directory. |
- risk 0.28cvss 4.3epss 0.02
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
- risk 0.28cvss 4.3epss 0.01
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12.
- risk 0.28cvss 4.3epss 0.02
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.
- risk 0.28cvss 4.3epss 0.02
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It…
- risk 0.28cvss 4.3epss 0.01
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling.
- risk 0.28cvss 4.3epss 0.02
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the "WebKit" component, which allows remote attackers to obtain sensitive…
- risk 0.28cvss 4.3epss 0.01
An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue involves the "Safari" component, which allows remote web servers to cause a denial of service via a crafted URL.
- risk 0.28cvss 4.3epss 0.02
The XSS auditor in WebKit, as used in Apple iOS before 9.3 and Safari before 9.1, does not properly handle redirects in block mode, which allows remote attackers to obtain sensitive information via a crafted URL.
- risk 0.28cvss 4.3epss 0.01
WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attachment URLs, which makes it easier for remote web servers to track users via unspecified vectors.
- risk 0.28cvss 4.3epss 0.01
The Top Sites feature in Apple Safari before 9.1 mishandles cookie storage, which makes it easier for remote web servers to track users via unspecified vectors.
- risk 0.28cvss 4.3epss 0.01
Apple Safari before 9.1 allows remote attackers to spoof the user interface via a web page that places text in a crafted context, leading to unintended use of that text within a Safari dialog.
- risk 0.28cvss 4.3epss 0.02
The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the "a:visited button" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web…
- risk 0.26cvss 4.0epss 0.00
An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may disclose internal states of the app.
- risk 0.23cvss 3.5epss 0.01
The Safari Tabs component in Apple Safari before 10 allows remote attackers to spoof the address bar of a tab via a crafted web site.
- risk 0.21cvss 3.3epss 0.00
A logic issue was addressed with improved validation. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3. An app may be able to access a user's Safari history.
- risk 0.21cvss 3.3epss 0.00
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to read Safari's browsing history.
- risk 0.21cvss 3.3epss 0.00
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A user's private browsing activity may be visible in Settings.
- risk 0.21cvss 3.3epss 0.00
A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode.
- risk 0.21cvss 3.3epss 0.00
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves mishandling of deletion within the SQLite subsystem of the "Safari" component. It allows local users to identify the web-site visits that occurred in Private Browsing mode.
- risk 0.21cvss 3.3epss 0.00
The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before 9.3.2 and other products, mishandles the deletion of browsing history, which might allow local users to obtain sensitive information by leveraging read access to a Safari directory.
Page 40 of 81