Apple

Safari

1536 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-1859

  • EPSS 0.59%
  • Published 20.05.2016 11:00:13
  • Last modified 12.04.2025 10:46:40

The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

6.5

CVE-2016-1858

  • EPSS 1.33%
  • Published 20.05.2016 11:00:12
  • Last modified 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site.

8.8

CVE-2016-1857

  • EPSS 1.36%
  • Published 20.05.2016 11:00:11
  • Last modified 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1856

  • EPSS 0.59%
  • Published 20.05.2016 11:00:10
  • Last modified 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1854

  • EPSS 0.59%
  • Published 20.05.2016 11:00:08
  • Last modified 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

8.8

CVE-2016-1855

  • EPSS 0.71%
  • Published 20.05.2016 11:00:08
  • Last modified 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-...

3.3

CVE-2016-1849

  • EPSS 0.06%
  • Published 20.05.2016 11:00:02
  • Last modified 12.04.2025 10:46:40

The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before 9.3.2 and other products, mishandles the deletion of browsing history, which might allow local users to obtain sensitive information by leveraging read a...

5.8

CVE-2016-1786

  • EPSS 0.44%
  • Published 24.03.2016 01:59:53
  • Last modified 12.04.2025 10:46:40

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx (aka redirection) status code, which allows remote attackers to spoof the displayed URL, bypass the Same Origin Policy, and o...

6.5

CVE-2016-1785

  • EPSS 0.43%
  • Published 24.03.2016 01:59:52
  • Last modified 12.04.2025 10:46:40

The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a ...

6.5

CVE-2016-1784

  • EPSS 0.94%
  • Published 24.03.2016 01:59:51
  • Last modified 12.04.2025 10:46:40

The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site.