Apple

Safari

1536 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2015-7011

  • EPSS 1.66%
  • Veröffentlicht 23.10.2015 21:59:46
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than oth...

6.8

CVE-2015-7002

  • EPSS 1.01%
  • Veröffentlicht 23.10.2015 21:59:39
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne...

6.8

CVE-2015-5931

  • EPSS 1.53%
  • Veröffentlicht 23.10.2015 21:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than oth...

6.8

CVE-2015-5930

  • EPSS 1.08%
  • Veröffentlicht 23.10.2015 21:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne...

6.8

CVE-2015-5929

  • EPSS 1.08%
  • Veröffentlicht 23.10.2015 21:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne...

6.8

CVE-2015-5928

  • EPSS 1.01%
  • Veröffentlicht 23.10.2015 21:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulne...

4.3

CVE-2015-5828

  • EPSS 0.78%
  • Veröffentlicht 09.10.2015 05:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The API in the WebKit Plug-ins component in Apple Safari before 9 does not provide notification of an HTTP Redirection (aka 3xx) status code to a plugin, which allows remote attackers to bypass intended request restrictions via a crafted web site.

10

CVE-2015-5780

  • EPSS 0.63%
  • Veröffentlicht 09.10.2015 05:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation before replacing an installed extension, which has unspecified impact and attack vectors.

5

CVE-2015-5827

  • EPSS 0.44%
  • Veröffentlicht 18.09.2015 10:59:46
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event.

4.3

CVE-2015-5826

  • EPSS 0.66%
  • Veröffentlicht 18.09.2015 10:59:45
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.