Apple

Safari

1591 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2013-1040

  • EPSS 2.31%
  • Veröffentlicht 19.09.2013 10:27:55
  • Zuletzt bearbeitet 29.04.2026 01:13:23

WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S...

6.8

CVE-2013-1041

  • EPSS 2.31%
  • Veröffentlicht 19.09.2013 10:27:55
  • Zuletzt bearbeitet 29.04.2026 01:13:23

WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S...

6.8

CVE-2013-1009

  • EPSS 1.1%
  • Veröffentlicht 05.06.2013 14:39:55
  • Zuletzt bearbeitet 29.04.2026 01:13:23

WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1023.

4.3

CVE-2013-1012

  • EPSS 0.32%
  • Veröffentlicht 05.06.2013 14:39:55
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via vectors involving IFRAME elements.

4.3

CVE-2013-1013

  • EPSS 0.21%
  • Veröffentlicht 05.06.2013 14:39:55
  • Zuletzt bearbeitet 29.04.2026 01:13:23

XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly rewrite URLs, which allows remote attackers to trigger unintended form submissions via unspecified vectors.

6.8

CVE-2013-1023

  • EPSS 1.1%
  • Veröffentlicht 05.06.2013 14:39:55
  • Zuletzt bearbeitet 29.04.2026 01:13:23

WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1009.

6.8

CVE-2013-0960

  • EPSS 1.19%
  • Veröffentlicht 15.03.2013 20:55:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0961.

6.8

CVE-2013-0961

  • EPSS 1.19%
  • Veröffentlicht 15.03.2013 20:55:10
  • Zuletzt bearbeitet 29.04.2026 01:13:23

WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0960.

4.3

CVE-2012-5851

Exploit
  • EPSS 0.34%
  • Veröffentlicht 15.11.2012 11:58:40
  • Zuletzt bearbeitet 29.04.2026 01:13:23

html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS)...

5.1

CVE-2012-3748

  • EPSS 11.81%
  • Veröffentlicht 03.11.2012 17:55:01
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays.