Apple

Safari

1536 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-27850

  • EPSS 0.17%
  • Veröffentlicht 10.06.2024 21:15:51
  • Zuletzt bearbeitet 24.03.2025 21:15:16

This issue was addressed with improvements to the noise injection algorithm. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, Safari 17.5, iOS 17.5 and iPadOS 17.5. A maliciously crafted webpage may be able to fingerprint the user.

8.8

CVE-2024-27851

  • EPSS 0.28%
  • Veröffentlicht 10.06.2024 21:15:51
  • Zuletzt bearbeitet 21.11.2024 09:05:16

The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing maliciously crafted web content may lead to arbitrary code executi...

8.8

CVE-2024-27808

  • EPSS 0.19%
  • Veröffentlicht 10.06.2024 21:15:50
  • Zuletzt bearbeitet 21.11.2024 09:05:06

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution.

8.8

CVE-2024-27820

  • EPSS 0.41%
  • Veröffentlicht 10.06.2024 21:15:50
  • Zuletzt bearbeitet 21.11.2024 09:05:09

The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary ...

6.5

CVE-2024-27830

  • EPSS 0.22%
  • Veröffentlicht 10.06.2024 21:15:50
  • Zuletzt bearbeitet 13.03.2025 19:15:43

This issue was addressed through improved state management. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A maliciously crafted webpage may be able to fingerprint the user.

5.5

CVE-2024-27834

  • EPSS 0.01%
  • Veröffentlicht 14.05.2024 15:13:06
  • Zuletzt bearbeitet 12.12.2024 14:33:00

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

9.6

CVE-2024-4558

Exploit
  • EPSS 1.41%
  • Veröffentlicht 07.05.2024 19:15:08
  • Zuletzt bearbeitet 20.12.2024 17:18:09

Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

6.5

CVE-2024-23271

  • EPSS 0.07%
  • Veröffentlicht 24.04.2024 17:15:47
  • Zuletzt bearbeitet 12.12.2024 14:33:00

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, Safari 17.3, tvOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior.

8.8

CVE-2023-42950

  • EPSS 0.23%
  • Veröffentlicht 28.03.2024 16:15:08
  • Zuletzt bearbeitet 21.11.2024 08:23:35

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code exec...

6.5

CVE-2023-42956

  • EPSS 0.19%
  • Veröffentlicht 28.03.2024 16:15:08
  • Zuletzt bearbeitet 21.11.2024 08:23:36

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service.