VYPR

Safari

by Apple Inc.

CVEs (1,616)

  • CVE-2015-7096Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7095,…

  • CVE-2015-7095Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7048, CVE-2015-7096,…

  • CVE-2015-7093Dec 11, 2015
    risk 0.00cvss epss 0.01

    Safari in Apple iOS before 9.2 allows remote attackers to spoof a URL in the user interface via a crafted web site.

  • CVE-2015-7050Dec 11, 2015
    risk 0.00cvss epss 0.02

    WebKit in Apple iOS before 9.2 and Safari before 9.0.2 misparses content extensions, which allows remote attackers to obtain sensitive browsing-history information via a crafted web site.

  • CVE-2015-7048Dec 11, 2015
    risk 0.00cvss epss 0.03

    WebKit in Apple iOS before 9.2, Safari before 9.0.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-7095, CVE-2015-7096,…

  • CVE-2015-7014Oct 23, 2015
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…

  • CVE-2015-7013Oct 23, 2015
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2015-7012Oct 23, 2015
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…

  • CVE-2015-7011Oct 23, 2015
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2015-7002Oct 23, 2015
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…

  • CVE-2015-5931Oct 23, 2015
    risk 0.00cvss epss 0.02

    WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in…

  • CVE-2015-5930Oct 23, 2015
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…

  • CVE-2015-5929Oct 23, 2015
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…

  • CVE-2015-5928Oct 23, 2015
    risk 0.00cvss epss 0.03

    WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit…

  • CVE-2015-5828Oct 9, 2015
    risk 0.00cvss epss 0.02

    The API in the WebKit Plug-ins component in Apple Safari before 9 does not provide notification of an HTTP Redirection (aka 3xx) status code to a plugin, which allows remote attackers to bypass intended request restrictions via a crafted web site.

  • CVE-2015-5780Oct 9, 2015
    risk 0.00cvss epss 0.02

    The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation before replacing an installed extension, which has unspecified impact and attack vectors.

  • CVE-2015-5905Sep 18, 2015
    risk 0.00cvss epss 0.02

    Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted window opener on a web site.

  • CVE-2015-5904Sep 18, 2015
    risk 0.00cvss epss 0.01

    Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web content via a crafted web site.

  • CVE-2015-5827Sep 18, 2015
    risk 0.00cvss epss 0.02

    WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event.

  • CVE-2015-5826Sep 18, 2015
    risk 0.00cvss epss 0.02

    WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

Page 48 of 81