Filtered by vendor Apple
Subscriptions
Filtered by product Safari
Subscriptions
Total
1454 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-3900 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2021-12-01 | 8.8 High |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2020-3899 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2021-12-01 | 8.8 High |
| A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. | ||||
| CVE-2020-3895 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2021-12-01 | 8.8 High |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2019-8763 | 1 Apple | 6 Icloud, Ipados, Iphone Os and 3 more | 2021-11-30 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30849 | 1 Apple | 7 Ipados, Iphone Os, Itunes and 4 more | 2021-11-23 | 7.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, watchOS 8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, iTunes 12.12 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30848 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2021-11-23 | 7.8 High |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution. | ||||
| CVE-2009-2816 | 4 Apple, Fedoraproject, Google and 1 more | 5 Iphone Os, Safari, Fedora and 2 more | 2021-11-08 | N/A |
| The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page. | ||||
| CVE-2021-30682 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2021-09-20 | 5.5 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. | ||||
| CVE-2021-30698 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2021-09-17 | 7.5 High |
| A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Safari 14.1.1, iOS 14.6 and iPadOS 14.6. A remote attacker may be able to cause a denial of service. | ||||
| CVE-2021-30689 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2021-09-17 | 6.1 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. | ||||
| CVE-2021-1825 | 1 Apple | 8 Icloud, Ipados, Iphone Os and 5 more | 2021-09-16 | 6.1 Medium |
| An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack. | ||||
| CVE-2021-30795 | 1 Apple | 5 Iphone Os, Macos, Safari and 2 more | 2021-09-16 | 8.8 High |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2021-30797 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2021-09-14 | 8.8 High |
| This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution. | ||||
| CVE-2021-30758 | 1 Apple | 5 Iphone Os, Macos, Safari and 2 more | 2021-09-14 | 8.8 High |
| A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2011-2379 | 3 Apple, Microsoft, Mozilla | 3 Safari, Internet Explorer, Bugzilla | 2021-07-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing. | ||||
| CVE-2019-8751 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2021-07-21 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2019-8524 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2021-07-21 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2019-8515 | 1 Apple | 5 Icloud, Iphone Os, Itunes and 2 more | 2021-07-21 | 6.5 Medium |
| A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information. | ||||
| CVE-2019-8571 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2021-07-21 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2019-8773 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2021-07-21 | 8.8 High |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||