VYPR

Safari

by Apple Inc.

CVEs (1,615)

  • CVE-2011-3888Oct 25, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in.

  • CVE-2011-3887Oct 25, 2011
    risk 0.00cvss epss 0.01

    Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors.

  • CVE-2011-3885Oct 25, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data.

  • CVE-2011-3881Oct 25, 2011
    risk 0.00cvss epss 0.02

    WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the…

  • CVE-2011-2845Oct 25, 2011
    risk 0.00cvss epss 0.01

    Google Chrome before 15.0.874.102 does not properly handle history data, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors.

  • CVE-2011-3426Oct 14, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in Safari in Apple iOS before 5 allows remote web servers to inject arbitrary web script or HTML via a file accompanied by a "Content-Disposition: attachment" HTTP header.

  • CVE-2011-3243Oct 14, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows.

  • CVE-2011-3242Oct 14, 2011
    risk 0.00cvss epss 0.01

    The Private Browsing feature in Apple Safari before 5.1.1 on Mac OS X does not properly recognize the Always value of the Block Cookies setting, which makes it easier for remote web servers to track users via a cookie.

  • CVE-2011-3231Oct 14, 2011
    risk 0.00cvss epss 0.01

    The SSL implementation in Apple Safari before 5.1.1 on Mac OS X before 10.7 accesses uninitialized memory during the processing of X.509 certificates, which allows remote web servers to execute arbitrary code via a crafted certificate.

  • CVE-2011-3229Oct 14, 2011
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in Apple Safari before 5.1.1 allows remote attackers to execute arbitrary JavaScript code, in a Safari Extensions context, via a crafted safari-extension: URL.

  • CVE-2011-2877Oct 4, 2011
    risk 0.00cvss epss 0.01

    Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font."

  • CVE-2011-3234Sep 19, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2011-2860Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.

  • CVE-2011-2857Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.

  • CVE-2011-2855Sep 19, 2011
    risk 0.00cvss epss 0.02

    Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."

  • CVE-2011-2854Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing."

  • CVE-2011-2847Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

  • CVE-2011-2846Sep 19, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling.

  • CVE-2011-2827Aug 29, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching.

  • CVE-2011-2825Aug 29, 2011
    risk 0.00cvss epss 0.02

    Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts.

Page 66 of 81