Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apple Subscribe
Filtered by product Safari
Total 1402 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-4271 2 Apple, Microsoft 7 Icloud, Iphone Os, Itunes and 4 more 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
CVE-2018-4361 2 Apple, Microsoft 7 Icloud, Iphone Os, Itunes and 4 more 2019-10-02 6.8 MEDIUM 8.8 HIGH
A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
CVE-2017-2446 1 Apple 3 Iphone Os, Safari, Tvos 2019-10-02 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages the mishandling of strict mode functions.
CVE-2017-2453 1 Apple 2 Iphone Os, Safari 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof FaceTime prompts in the user interface via a crafted web site.
CVE-2017-2367 1 Apple 3 Iphone Os, Safari, Tvos 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVE-2017-2419 1 Apple 2 Iphone Os, Safari 2019-10-02 5.0 MEDIUM 7.5 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass a Content Security Policy protection mechanism via unspecified vectors.
CVE-2017-2376 1 Apple 2 Iphone Os, Safari 2019-10-02 5.0 MEDIUM 7.5 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar by leveraging text input during the loading of a page.
CVE-2017-2359 1 Apple 1 Safari 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in certain Apple products. Safari before 10.0.3 is affected. The issue involves the "Safari" component, which allows remote attackers to spoof the address bar via a crafted web site.
CVE-2017-7161 2 Apple, Canonical 2 Safari, Ubuntu Linux 2019-10-02 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. Safari before 11.0.2 is affected. The issue involves the "WebKit Web Inspector" component. It allows remote attackers to execute arbitrary code via special characters that trigger command injection.
CVE-2018-4218 3 Apple, Canonical, Microsoft 8 Icloud, Iphone Os, Itunes and 5 more 2019-10-02 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free.
CVE-2018-4190 3 Apple, Canonical, Microsoft 7 Icloud, Iphone Os, Itunes and 4 more 2019-10-02 4.3 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive credential information that is transmitted during a CSS mask-image fetch.
CVE-2017-2386 1 Apple 3 Iphone Os, Safari, Tvos 2019-10-02 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVE-2017-2389 1 Apple 2 Iphone Os, Safari 2019-10-02 5.8 MEDIUM 8.1 HIGH
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof an HTTP authentication sheet or cause a denial of service via a crafted web site.
CVE-2014-4459 1 Apple 5 Iphone Os, Itunes, Mac Os X and 2 more 2019-07-16 6.8 MEDIUM N/A
Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.
CVE-2014-4452 1 Apple 4 Iphone Os, Itunes, Safari and 1 more 2019-07-16 5.4 MEDIUM N/A
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462.
CVE-2014-4363 1 Apple 2 Iphone Os, Safari 2019-07-16 5.0 MEDIUM N/A
Safari in Apple iOS before 8 does not properly restrict the autofilling of passwords in forms, which allows remote attackers to obtain sensitive information via (1) an http web site, (2) an https web site with an unacceptable X.509 certificate, or (3) an IFRAME element.
CVE-2018-4233 3 Apple, Canonical, Microsoft 8 Icloud, Iphone Os, Itunes and 5 more 2019-06-02 6.8 MEDIUM 8.8 HIGH
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-4360 2 Apple, Microsoft 6 Icloud, Iphone Os, Itunes and 3 more 2019-05-13 6.8 MEDIUM 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
CVE-2017-7064 2 Apple, Microsoft 5 Icloud, Iphone Os, Itunes and 2 more 2019-05-10 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
CVE-2017-7011 1 Apple 2 Iphone Os, Safari 2019-05-10 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site that uses FRAME elements.