Apple

Safari

1622 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.83%
  • Veröffentlicht 19.03.2008 00:44:00
  • Zuletzt bearbeitet 16.06.2026 22:50:47

Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via the document.domain property.

  • EPSS 1.83%
  • Veröffentlicht 19.03.2008 00:44:00
  • Zuletzt bearbeitet 16.06.2026 22:50:47

Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary JavaScript by modifying the history object.

  • EPSS 4.61%
  • Veröffentlicht 19.03.2008 00:44:00
  • Zuletzt bearbeitet 16.06.2026 22:50:47

Buffer overflow in WebKit, as used in Apple Safari before 3.1, allows remote attackers to execute arbitrary code via crafted regular expressions in JavaScript.

  • EPSS 1.88%
  • Veröffentlicht 19.03.2008 00:44:00
  • Zuletzt bearbeitet 16.06.2026 22:50:48

Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via a frame that calls a method instance in another frame.

  • EPSS 1.2%
  • Veröffentlicht 21.02.2008 21:44:00
  • Zuletzt bearbeitet 16.06.2026 22:50:33

Apple Safari might allow remote attackers to obtain potentially sensitive memory contents or cause a denial of service (crash) via a crafted (1) bitmap (BMP) or (2) GIF file, a related issue to CVE-2008-0420.

Exploit
  • EPSS 3.26%
  • Veröffentlicht 16.01.2008 23:00:00
  • Zuletzt bearbeitet 16.06.2026 22:49:20

KHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (browser crash) via a crafted web page, possibly involving a STYLE attribute of a DIV element.

  • EPSS 5.01%
  • Veröffentlicht 16.01.2008 02:00:00
  • Zuletzt bearbeitet 16.06.2026 22:48:47

Unspecified vulnerability in Foundation, as used in Apple iPhone 1.0 through 1.1.2, iPod touch 1.1 through 1.1.2, and Mac OS X 10.5 through 10.5.1, allows remote attackers to cause a denial of service (application termination) or execute arbitrary co...

  • EPSS 0.65%
  • Veröffentlicht 28.12.2007 21:46:00
  • Zuletzt bearbeitet 16.06.2026 22:48:23

Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attacke...

  • EPSS 3.11%
  • Veröffentlicht 19.12.2007 21:46:00
  • Zuletzt bearbeitet 16.06.2026 22:46:57

WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 through 1.1.2, and iPod touch 1.1 through 1.1.2 allows remote attackers to "navigate the subframes of any other page," which can be leveraged to conduct cross-site scripting (XSS) atta...

  • EPSS 5.59%
  • Veröffentlicht 19.12.2007 21:46:00
  • Zuletzt bearbeitet 16.06.2026 22:46:57

Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that triggers memory corruption.