Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:apple:safari:13.0.1
There are 135 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2020-3841

The issue was addressed with improved UI handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, Safari 13.0.5. A local user may unknowingly send a password unencrypted over the network.

Published: February 27, 2020; 4:15:16 PM -0500
V3.1: 6.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-3833

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.5. Visiting a malicious website may lead to address bar spoofing.

Published: February 27, 2020; 4:15:16 PM -0500
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-8823

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:44 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-8822

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:44 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-8821

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:44 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-8820

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:44 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-8819

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:44 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-8816

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:44 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8815

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:44 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8814

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:43 PM -0500
V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2019-8813

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting.

Published: December 18, 2019; 1:15:43 PM -0500
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-8812

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:43 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-8811

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:43 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-8808

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:43 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-8783

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:40 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2019-8782

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: December 18, 2019; 1:15:40 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2015-8960

The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.

Published: September 20, 2016; 10:59:00 PM -0400
V3.0: 8.1 HIGH
V2.0: 6.8 MEDIUM
CVE-2016-7153

The HTTP/2 protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

Published: September 06, 2016; 6:59:01 AM -0400
V3.0: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2016-7152

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

Published: September 06, 2016; 6:59:00 AM -0400
V3.0: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2016-4604

Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the displayed URL via an HTTP response specifying redirection to an invalid TCP port number.

Published: July 21, 2016; 10:59:28 PM -0400
V3.0: 5.4 MEDIUM
V2.0: 5.8 MEDIUM