Apple

Safari

1536 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2009-1686

Exploit
  • EPSS 5.86%
  • Veröffentlicht 10.06.2009 14:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle constant (aka const) declarations in a type-conversion operation during JavaScript exception handling, which allow...

9.3

CVE-2009-1687

Exploit
  • EPSS 7.36%
  • Veröffentlicht 10.06.2009 14:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code o...

4.3

CVE-2009-1688

Exploit
  • EPSS 0.61%
  • Veröffentlicht 10.06.2009 14:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to determini...

4.3

CVE-2009-1689

Exploit
  • EPSS 0.61%
  • Veröffentlicht 10.06.2009 14:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving submission...

9.3

CVE-2009-1690

Exploit
  • EPSS 12.22%
  • Veröffentlicht 10.06.2009 14:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary c...

4.3

CVE-2009-1691

Exploit
  • EPSS 0.61%
  • Veröffentlicht 10.06.2009 14:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to insuffici...

5.8

CVE-2009-1693

Exploit
  • EPSS 0.57%
  • Veröffentlicht 10.06.2009 14:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capt...

5.8

CVE-2009-1694

  • EPSS 0.64%
  • Veröffentlicht 10.06.2009 14:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read images from arbitrary web sites via vectors involving a CANVAS el...

9.3

CVE-2009-0945

  • EPSS 10.54%
  • Veröffentlicht 13.05.2009 17:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other pr...

4.3

CVE-2009-0162

  • EPSS 1.71%
  • Veröffentlicht 13.05.2009 15:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 Public Beta, on Apple Mac OS X 10.5 before 10.5.7 and Windows allows remote attackers to inject arbitrary web script or HTML via a crafted feed: URL.