Apple

Safari

1572 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2011-1440

Exploit
  • EPSS 2.48%
  • Veröffentlicht 03.05.2011 22:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences.

6.8

CVE-2011-1449

Exploit
  • EPSS 2.34%
  • Veröffentlicht 03.05.2011 22:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

7.5

CVE-2011-1451

  • EPSS 2.27%
  • Veröffentlicht 03.05.2011 22:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."

7.5

CVE-2011-1295

  • EPSS 2.29%
  • Veröffentlicht 25.03.2011 19:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks,...

7.5

CVE-2011-1296

  • EPSS 1.84%
  • Veröffentlicht 25.03.2011 19:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

7.5

CVE-2011-1293

  • EPSS 1.45%
  • Veröffentlicht 25.03.2011 19:55:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

4.3

CVE-2011-0163

  • EPSS 1.05%
  • Veröffentlicht 11.03.2011 22:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle unspecified "cached resources," which allows remote attackers to cause a denial of service (resource unavailability) via a crafted web site that conducts a cach...

5.8

CVE-2011-0166

  • EPSS 0.44%
  • Veröffentlicht 11.03.2011 22:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The HTML5 drag and drop functionality in WebKit in Apple Safari before 5.0.4 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via vectors related to the dragging of content. NOTE: this might ove...

4.3

CVE-2011-0167

  • EPSS 2.05%
  • Veröffentlicht 11.03.2011 22:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary local files from a client computer, via a crafted web site.

2.6

CVE-2011-0169

  • EPSS 0.36%
  • Veröffentlicht 11.03.2011 22:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the window.console._inspectorCommandLineAPI property, which allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site sc...