Total
1533 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0676 | 1 Apple | 1 Safari | 2025-04-11 | 5.0 MEDIUM | N/A |
| WebKit in Apple Safari before 5.1.7 does not properly track state information during the processing of form input, which allows remote attackers to fill in form fields on the pages of arbitrary web sites via unspecified vectors. | |||||
| CVE-2012-3590 | 1 Apple | 1 Safari | 2025-04-11 | 8.8 HIGH | N/A |
| WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
| CVE-2010-1791 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index. | |||||
| CVE-2010-3823 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Geolocation objects. NOTE: this might overlap CVE-2010-3415. | |||||
| CVE-2011-2797 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching. | |||||
| CVE-2012-3656 | 1 Apple | 1 Safari | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. | |||||
| CVE-2012-0680 | 1 Apple | 1 Safari | 2025-04-11 | 5.0 MEDIUM | N/A |
| Apple Safari before 6.0 does not properly handle the autocomplete attribute of a password input element, which allows remote attackers to bypass authentication by leveraging an unattended workstation. | |||||
| CVE-2010-1806 | 1 Apple | 1 Safari | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via run-in styling in an element, related to object pointers. | |||||
| CVE-2010-1807 | 3 Apple, Google, Webkitgtk | 3 Safari, Android, Webkitgtk | 2025-04-11 | 9.3 HIGH | N/A |
| WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation. | |||||
| CVE-2011-3968 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. | |||||
| CVE-2011-3969 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. | |||||
| CVE-2011-1440 | 3 Apple, Debian, Google | 4 Itunes, Safari, Debian Linux and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences. | |||||
| CVE-2010-3259 | 4 Apple, Canonical, Google and 1 more | 5 Iphone Os, Safari, Ubuntu Linux and 2 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site. | |||||
| CVE-2012-3694 | 1 Apple | 1 Safari | 2025-04-11 | 4.3 MEDIUM | N/A |
| WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to obtain sensitive information about full pathnames via a crafted web site. | |||||
| CVE-2011-2800 | 3 Apple, Debian, Google | 4 Iphone Os, Safari, Debian Linux and 1 more | 2025-04-11 | 4.3 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site. | |||||
| CVE-2010-4494 | 10 Apache, Apple, Debian and 7 more | 17 Openoffice, Iphone Os, Itunes and 14 more | 2025-04-11 | 7.5 HIGH | N/A |
| Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | |||||
| CVE-2011-3966 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. | |||||
| CVE-2011-2854 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2025-04-11 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing." | |||||
| CVE-2012-3693 | 1 Apple | 1 Safari | 2025-04-11 | 5.0 MEDIUM | N/A |
| Incomplete blacklist vulnerability in WebKit in Apple Safari before 6.0 allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, by leveraging the availability of IDN support and Unicode fonts to construct unspecified homoglyphs. | |||||
| CVE-2011-2819 | 2 Apple, Google | 3 Iphone Os, Safari, Chrome | 2025-04-11 | 6.8 MEDIUM | N/A |
| Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI. | |||||