Apple

Safari

1622 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 5.18%
  • Veröffentlicht 25.03.2010 21:00:01
  • Zuletzt bearbeitet 16.06.2026 23:17:33

Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Charlie Miller during a Pwn2Own competition at CanSecWest 2010.

  • EPSS 1.25%
  • Veröffentlicht 24.03.2010 22:45:16
  • Zuletzt bearbeitet 16.06.2026 23:17:30

Integer overflow in Apple Safari allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25.

Exploit
  • EPSS 10.38%
  • Veröffentlicht 19.03.2010 21:30:00
  • Zuletzt bearbeitet 16.06.2026 23:17:22

Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (ap...

  • EPSS 10.94%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 16.06.2026 23:15:18

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.

  • EPSS 11.64%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 16.06.2026 23:15:19

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.

  • EPSS 2.8%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 16.06.2026 23:15:19

WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651.

  • EPSS 6.05%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 16.06.2026 23:15:19

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements."

  • EPSS 6.05%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 16.06.2026 23:15:21

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property.

  • EPSS 6.05%
  • Veröffentlicht 15.03.2010 14:15:32
  • Zuletzt bearbeitet 16.06.2026 23:15:22

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements.

  • EPSS 6.47%
  • Veröffentlicht 15.03.2010 13:28:25
  • Zuletzt bearbeitet 16.06.2026 23:15:17

Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a...