Total
258 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-2816 | 1 Apple | 2 Itunes, Webkit | 2025-04-11 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | |||||
| CVE-2010-1793 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a (1) font-face or (2) use element in an SVG document. | |||||
| CVE-2011-2352 | 1 Apple | 2 Itunes, Webkit | 2025-04-11 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | |||||
| CVE-2011-0118 | 2 Apple, Microsoft | 6 Itunes, Webkit, Windows and 3 more | 2025-04-11 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | |||||
| CVE-2011-0157 | 1 Apple | 2 Iphone Os, Webkit | 2025-04-11 | 7.5 HIGH | N/A |
| WebKit, as used in Apple iOS before 4.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-09-1. | |||||
| CVE-2010-1404 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG document that contains recursive Use elements, which are not properly handled during page deconstruction. | |||||
| CVE-2010-3811 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element attributes. | |||||
| CVE-2010-0647 | 2 Apple, Google | 2 Webkit, Chrome | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a <ruby>><table><rt> sequence. | |||||
| CVE-2010-1391 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors involving a (1) %2f and .. (dot dot) or (2) %5c and .. (dot dot) in a URL. | |||||
| CVE-2011-3244 | 1 Apple | 2 Itunes, Webkit | 2025-04-11 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | |||||
| CVE-2011-2338 | 2 Apple, Microsoft | 5 Itunes, Webkit, Windows 7 and 2 more | 2025-04-11 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | |||||
| CVE-2010-1787 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a floating element in an SVG document. | |||||
| CVE-2011-0116 | 2 Apple, Microsoft | 6 Itunes, Webkit, Windows and 3 more | 2025-04-11 | 7.6 HIGH | N/A |
| Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to DOM manipulations during iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | |||||
| CVE-2011-3239 | 1 Apple | 2 Itunes, Webkit | 2025-04-11 | 7.6 HIGH | N/A |
| WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. | |||||
| CVE-2010-1400 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving caption elements. | |||||
| CVE-2013-5198 | 1 Apple | 5 Iphone Os, Itunes, Safari and 2 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. | |||||
| CVE-2011-0225 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||||
| CVE-2011-1457 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. | |||||
| CVE-2010-0544 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to a malformed URL. | |||||
| CVE-2010-1401 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the :first-letter pseudo-element. | |||||