Apple

Safari

1536 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-1859

  • EPSS 0.59%
  • Veröffentlicht 20.05.2016 11:00:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

6.5

CVE-2016-1858

  • EPSS 1.33%
  • Veröffentlicht 20.05.2016 11:00:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.

8.8

CVE-2016-1857

  • EPSS 1.36%
  • Veröffentlicht 20.05.2016 11:00:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1856

  • EPSS 0.59%
  • Veröffentlicht 20.05.2016 11:00:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1854

  • EPSS 0.59%
  • Veröffentlicht 20.05.2016 11:00:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1855

  • EPSS 0.71%
  • Veröffentlicht 20.05.2016 11:00:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

3.3

CVE-2016-1849

  • EPSS 0.06%
  • Veröffentlicht 20.05.2016 11:00:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before 9.3.2 and other products, mishandles the deletion of browsing history, which might allow local users to obtain sensitive information by leveraging read a...

5.8

CVE-2016-1786

  • EPSS 0.44%
  • Veröffentlicht 24.03.2016 01:59:53
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx (aka redirection) status code, which allows remote attackers to spoof the displayed URL, bypass the Same Origin Policy, and o...

6.5

CVE-2016-1785

  • EPSS 0.43%
  • Veröffentlicht 24.03.2016 01:59:52
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a ...

6.5

CVE-2016-1784

  • EPSS 0.94%
  • Veröffentlicht 24.03.2016 01:59:51
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site.