Apple

Safari

1622 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.08%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 16.06.2026 23:18:14

CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue.

  • EPSS 1.64%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 16.06.2026 23:18:21

Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file.

  • EPSS 0.72%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 16.06.2026 23:27:01

CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certificatio...

  • EPSS 4.48%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 16.06.2026 23:27:01

ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file.

  • EPSS 5.31%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 16.06.2026 23:27:01

Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.

  • EPSS 0.97%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 16.06.2026 23:27:01

Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fiel...

  • EPSS 3.92%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 16.06.2026 23:27:01

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in ...

  • EPSS 1.61%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 16.06.2026 23:27:01

Apple Safari before 5.0.6 allows remote attackers to bypass the Same Origin Policy, and modify the rendering of text from arbitrary web sites, via a Java applet that loads fonts.

  • EPSS 3.92%
  • Veröffentlicht 21.07.2011 23:55:01
  • Zuletzt bearbeitet 16.06.2026 23:27:02

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in ...

  • EPSS 1.58%
  • Veröffentlicht 29.06.2011 17:55:04
  • Zuletzt bearbeitet 16.06.2026 23:31:09

Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.