Apple

Safari

1591 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.6

CVE-2024-4558

Exploit
  • EPSS 2.38%
  • Veröffentlicht 07.05.2024 19:15:08
  • Zuletzt bearbeitet 04.11.2025 18:16:42

Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

6.5

CVE-2024-23271

  • EPSS 0.1%
  • Veröffentlicht 24.04.2024 17:15:47
  • Zuletzt bearbeitet 02.04.2026 19:17:10

A logic issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior.

8.8

CVE-2023-42950

  • EPSS 0.65%
  • Veröffentlicht 28.03.2024 16:15:08
  • Zuletzt bearbeitet 03.11.2025 22:16:27

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code exec...

6.5

CVE-2023-42956

  • EPSS 0.3%
  • Veröffentlicht 28.03.2024 16:15:08
  • Zuletzt bearbeitet 21.11.2024 08:23:36

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service.

4.3

CVE-2024-23273

  • EPSS 0.22%
  • Veröffentlicht 08.03.2024 02:15:49
  • Zuletzt bearbeitet 02.04.2026 19:17:11

This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication.

6.5

CVE-2024-23280

  • EPSS 0.62%
  • Veröffentlicht 08.03.2024 02:15:49
  • Zuletzt bearbeitet 02.04.2026 19:17:12

An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may be able to fingerprint the user.

6.5

CVE-2024-23284

  • EPSS 0.59%
  • Veröffentlicht 08.03.2024 02:15:49
  • Zuletzt bearbeitet 02.04.2026 19:17:13

A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web conte...

6.5

CVE-2024-23254

  • EPSS 0.43%
  • Veröffentlicht 08.03.2024 02:15:48
  • Zuletzt bearbeitet 02.04.2026 19:17:06

The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin.

6.5

CVE-2024-23263

  • EPSS 0.37%
  • Veröffentlicht 08.03.2024 02:15:48
  • Zuletzt bearbeitet 02.04.2026 19:17:08

A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may...

4.3

CVE-2023-42843

  • EPSS 0.1%
  • Veröffentlicht 21.02.2024 07:15:48
  • Zuletzt bearbeitet 09.12.2024 17:31:31

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spo...