Filtered by vendor Apple
Subscribe
Total
10175 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-0541 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-11-05 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page. | |||||
CVE-2008-4216 | 1 Apple | 1 Safari | 2012-10-30 | 4.3 MEDIUM | N/A |
The plug-in interface in WebKit in Apple Safari before 3.2 does not prevent plug-ins from accessing local URLs, which allows remote attackers to obtain sensitive information via vectors that "launch local files." | |||||
CVE-2008-3644 | 1 Apple | 1 Safari | 2012-10-30 | 1.9 LOW | N/A |
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache. | |||||
CVE-2007-3284 | 1 Apple | 1 Safari | 2012-10-30 | 7.8 HIGH | N/A |
corefoundation.dll in Apple Safari 3.0.1 (552.12.2) for Windows allows remote attackers to cause a denial of service (crash) via certain forms that trigger errors related to History, possibly involving multiple form fields with the same name. | |||||
CVE-2007-3514 | 1 Apple | 1 Safari | 2012-10-29 | 8.5 HIGH | N/A |
Cross-domain vulnerability in Apple Safari for Windows 3.0.2 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute to a file:// location, a different vector than CVE-2007-3482. | |||||
CVE-2009-2812 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2012-10-22 | 6.8 MEDIUM | N/A |
Launch Services in Apple Mac OS X 10.5.8 does not properly recognize an unsafe Uniform Type Identifier (UTI) in an exported document type in a downloaded application, which allows remote attackers to trigger the automatic opening of a file, and execute arbitrary code, via a crafted web site. | |||||
CVE-2012-3678 | 1 Apple | 1 Safari | 2012-09-21 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3679 | 1 Apple | 1 Safari | 2012-09-21 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3680 | 1 Apple | 1 Safari | 2012-09-21 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3681 | 1 Apple | 1 Safari | 2012-09-21 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3682 | 1 Apple | 1 Safari | 2012-09-21 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3683 | 1 Apple | 1 Safari | 2012-09-21 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3686 | 1 Apple | 1 Safari | 2012-09-21 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3693 | 1 Apple | 1 Safari | 2012-09-21 | 5.0 MEDIUM | N/A |
Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of IDN support and Unicode fonts to construct unspecified homoglyphs. | |||||
CVE-2012-3691 | 1 Apple | 1 Safari | 2012-09-21 | 5.8 MEDIUM | N/A |
WebKit in Apple Safari before 6.0 does not properly handle Cascading Style Sheets (CSS) property values, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | |||||
CVE-2012-3589 | 1 Apple | 1 Safari | 2012-09-21 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3590 | 1 Apple | 1 Safari | 2012-09-21 | 8.8 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3591 | 1 Apple | 1 Safari | 2012-09-21 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3592 | 1 Apple | 1 Safari | 2012-09-21 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
CVE-2012-3593 | 1 Apple | 1 Safari | 2012-09-21 | 9.3 HIGH | N/A |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |