Vendor CVEs
Apple Inc.
All CVEs
8,445 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-2857 | 0.00 | — | 0.02 | Sep 19, 2011 | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller. | |||
| CVE-2011-2855 | 0.00 | — | 0.02 | Sep 19, 2011 | Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." | |||
| CVE-2011-2854 | 0.00 | — | 0.02 | Sep 19, 2011 | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing." | |||
| CVE-2011-2847 | 0.00 | — | 0.02 | Sep 19, 2011 | Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | |||
| CVE-2011-2846 | 0.00 | — | 0.02 | Sep 19, 2011 | Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling. | |||
| CVE-2011-2834 | 0.00 | — | 0.02 | Sep 19, 2011 | Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | |||
| CVE-2011-3422 | 0.00 | — | 0.01 | Sep 12, 2011 | The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Extended Validation certificate,… | |||
| CVE-2011-0258 | 0.00 | — | 0.05 | Sep 6, 2011 | Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image description associated with an mp4v tag in a movie file. | |||
| CVE-2011-2827 | 0.00 | — | 0.02 | Aug 29, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching. | |||
| CVE-2011-2825 | 0.00 | — | 0.02 | Aug 29, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts. | |||
| CVE-2011-2823 | 0.00 | — | 0.02 | Aug 29, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box. | |||
| CVE-2011-2821 | 0.00 | — | 0.02 | Aug 29, 2011 | Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. | |||
| CVE-2011-3170 | 0.00 | — | 0.04 | Aug 19, 2011 | The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different… | |||
| CVE-2011-2896 | 0.00 | — | 0.13 | Aug 19, 2011 | The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the… | |||
| CVE-2011-0256 | 0.00 | — | 0.04 | Aug 15, 2011 | Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted track run atoms in a QuickTime movie file. | |||
| CVE-2008-7296 | 0.00 | — | 0.01 | Aug 9, 2011 | Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security… | |||
| CVE-2011-0252 | 0.00 | — | 0.05 | Aug 4, 2011 | Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STTS atoms in a QuickTime movie file. | |||
| CVE-2011-0251 | 0.00 | — | 0.05 | Aug 4, 2011 | Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file. | |||
| CVE-2011-0250 | 0.00 | — | 0.05 | Aug 4, 2011 | Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file. | |||
| CVE-2011-0249 | 0.00 | — | 0.05 | Aug 4, 2011 | Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSC atoms in a QuickTime movie file. | |||
| CVE-2011-0248 | 0.00 | — | 0.03 | Aug 4, 2011 | Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTL file. | |||
| CVE-2011-0247 | 0.00 | — | 0.05 | Aug 4, 2011 | Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie. | |||
| CVE-2011-0246 | 0.00 | — | 0.04 | Aug 4, 2011 | Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. | |||
| CVE-2011-0245 | 0.00 | — | 0.04 | Aug 4, 2011 | Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pict file. | |||
| CVE-2011-2819 | 0.00 | — | 0.01 | Aug 3, 2011 | Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI. | |||
| CVE-2011-2818 | 0.00 | — | 0.01 | Aug 3, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering. | |||
| CVE-2011-2805 | 0.00 | — | 0.01 | Aug 3, 2011 | Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors. | |||
| CVE-2011-2800 | 0.00 | — | 0.01 | Aug 3, 2011 | Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site. | |||
| CVE-2011-2799 | 0.00 | — | 0.02 | Aug 3, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling. | |||
| CVE-2011-2797 | 0.00 | — | 0.02 | Aug 3, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching. | |||
| CVE-2011-2792 | 0.00 | — | 0.02 | Aug 3, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal. | |||
| CVE-2011-2790 | 0.00 | — | 0.02 | Aug 3, 2011 | Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles. | |||
| CVE-2011-2788 | 0.00 | — | 0.01 | Aug 3, 2011 | Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors. | |||
| CVE-2011-2359 | 0.00 | — | 0.02 | Aug 3, 2011 | Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | |||
| CVE-2011-1797 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-1462 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-1457 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-1453 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-1288 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-0255 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-0254 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-0253 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-0244 | 0.00 | — | 0.01 | Jul 21, 2011 | WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files via vectors related to improper canonicalization of URLs within RSS feeds. | |||
| CVE-2011-0242 | 0.00 | — | 0.02 | Jul 21, 2011 | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving a URL that contains a username. | |||
| CVE-2011-0240 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-0238 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-0237 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-0235 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-0234 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||
| CVE-2011-0233 | 0.00 | — | 0.04 | Jul 21, 2011 | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
- CVE-2011-2857Sep 19, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.
- CVE-2011-2855Sep 19, 2011risk 0.00cvss —epss 0.02
Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
- CVE-2011-2854Sep 19, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing."
- CVE-2011-2847Sep 19, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
- CVE-2011-2846Sep 19, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling.
- CVE-2011-2834Sep 19, 2011risk 0.00cvss —epss 0.02
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
- CVE-2011-3422Sep 12, 2011risk 0.00cvss —epss 0.01
The Keychain implementation in Apple Mac OS X 10.6.8 and earlier does not properly handle an untrusted attribute of a Certification Authority certificate, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via an Extended Validation certificate,…
- CVE-2011-0258Sep 6, 2011risk 0.00cvss —epss 0.05
Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image description associated with an mp4v tag in a movie file.
- CVE-2011-2827Aug 29, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching.
- CVE-2011-2825Aug 29, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts.
- CVE-2011-2823Aug 29, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box.
- CVE-2011-2821Aug 29, 2011risk 0.00cvss —epss 0.02
Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.
- CVE-2011-3170Aug 19, 2011risk 0.00cvss —epss 0.04
The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different…
- CVE-2011-2896Aug 19, 2011risk 0.00cvss —epss 0.13
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the…
- CVE-2011-0256Aug 15, 2011risk 0.00cvss —epss 0.04
Integer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted track run atoms in a QuickTime movie file.
- CVE-2008-7296Aug 9, 2011risk 0.00cvss —epss 0.01
Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security…
- CVE-2011-0252Aug 4, 2011risk 0.00cvss —epss 0.05
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STTS atoms in a QuickTime movie file.
- CVE-2011-0251Aug 4, 2011risk 0.00cvss —epss 0.05
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file.
- CVE-2011-0250Aug 4, 2011risk 0.00cvss —epss 0.05
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file.
- CVE-2011-0249Aug 4, 2011risk 0.00cvss —epss 0.05
Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSC atoms in a QuickTime movie file.
- CVE-2011-0248Aug 4, 2011risk 0.00cvss —epss 0.03
Stack-based buffer overflow in the QuickTime ActiveX control in Apple QuickTime before 7.7 on Windows, when Internet Explorer is used, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTL file.
- CVE-2011-0247Aug 4, 2011risk 0.00cvss —epss 0.05
Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie.
- CVE-2011-0246Aug 4, 2011risk 0.00cvss —epss 0.04
Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.
- CVE-2011-0245Aug 4, 2011risk 0.00cvss —epss 0.04
Buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pict file.
- CVE-2011-2819Aug 3, 2011risk 0.00cvss —epss 0.01
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI.
- CVE-2011-2818Aug 3, 2011risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.
- CVE-2011-2805Aug 3, 2011risk 0.00cvss —epss 0.01
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors.
- CVE-2011-2800Aug 3, 2011risk 0.00cvss —epss 0.01
Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site.
- CVE-2011-2799Aug 3, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling.
- CVE-2011-2797Aug 3, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching.
- CVE-2011-2792Aug 3, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal.
- CVE-2011-2790Aug 3, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles.
- CVE-2011-2788Aug 3, 2011risk 0.00cvss —epss 0.01
Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors.
- CVE-2011-2359Aug 3, 2011risk 0.00cvss —epss 0.02
Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
- CVE-2011-1797Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-1462Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-1457Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-1453Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-1288Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-0255Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-0254Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-0253Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-0244Jul 21, 2011risk 0.00cvss —epss 0.01
WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files via vectors related to improper canonicalization of URLs within RSS feeds.
- CVE-2011-0242Jul 21, 2011risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving a URL that contains a username.
- CVE-2011-0240Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-0238Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-0237Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-0235Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-0234Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
- CVE-2011-0233Jul 21, 2011risk 0.00cvss —epss 0.04
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
Page 144 of 169