Apple

Safari

1572 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-1156

  • EPSS 0.63%
  • Veröffentlicht 08.05.2015 00:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a ...

4.3

CVE-2015-1155

  • EPSS 63.16%
  • Veröffentlicht 08.05.2015 00:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.

6.8

CVE-2015-1154

  • EPSS 1.16%
  • Veröffentlicht 08.05.2015 00:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnera...

6.8

CVE-2015-1153

  • EPSS 0.89%
  • Veröffentlicht 08.05.2015 00:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnera...

6.8

CVE-2015-1152

  • EPSS 0.99%
  • Veröffentlicht 08.05.2015 00:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnera...

4.3

CVE-2015-1129

  • EPSS 0.23%
  • Veröffentlicht 10.04.2015 14:59:42
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 does not properly select X.509 client certificates, which makes it easier for remote attackers to track users via a crafted web site.

5

CVE-2015-1128

  • EPSS 0.3%
  • Veröffentlicht 10.04.2015 14:59:41
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The private-browsing implementation in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 allows attackers to obtain sensitive browsing-history information via vectors involving push-notification requests.

2.1

CVE-2015-1127

  • EPSS 0.06%
  • Veröffentlicht 10.04.2015 14:59:40
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.

4.3

CVE-2015-1126

  • EPSS 65.45%
  • Veröffentlicht 10.04.2015 14:59:39
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified...

6.8

CVE-2015-1124

  • EPSS 0.91%
  • Veröffentlicht 10.04.2015 14:59:38
  • Zuletzt bearbeitet 12.04.2025 10:46:40

WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application cra...