Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:apple:webkit:420:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2016-4591 |
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the location variable, which allows remote attackers to access the local filesystem via unspecified vectors. Published: July 21, 2016; 10:59:14 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2016-4590 |
WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. Published: July 21, 2016; 10:59:13 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-4589 |
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE-2016-4624. Published: July 21, 2016; 10:59:12 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2016-4588 |
WebKit in Apple tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. Published: July 21, 2016; 10:59:11 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2016-4587 |
WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site. Published: July 21, 2016; 10:59:10 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-4585 |
Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari. Published: July 21, 2016; 10:59:07 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2014-1270 |
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. Published: February 26, 2014; 8:55:04 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2014-1269 |
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. Published: February 26, 2014; 8:55:04 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2014-1268 |
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270. Published: February 26, 2014; 8:55:04 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-5228 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. Published: December 18, 2013; 11:04:33 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-5225 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. Published: December 18, 2013; 11:04:33 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-5199 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. Published: December 18, 2013; 11:04:33 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-5198 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. Published: December 18, 2013; 11:04:33 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-5197 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. Published: December 18, 2013; 11:04:28 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-5196 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. Published: December 18, 2013; 11:04:28 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-5195 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. Published: December 18, 2013; 11:04:24 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-5851 |
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108. Published: November 15, 2012; 6:58:40 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2012-0648 |
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. Published: March 08, 2012; 5:55:04 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.6 HIGH |
CVE-2012-0639 |
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. Published: March 08, 2012; 5:55:04 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.6 HIGH |
CVE-2012-0638 |
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. Published: March 08, 2012; 5:55:04 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.6 HIGH |