) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:apple:safari:9.0.3
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-1779 |
WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to bypass the Same Origin Policy and obtain physical-location data via a crafted geolocation request. Published: March 23, 2016; 9:59:46 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-1778 |
WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. Published: March 23, 2016; 9:59:45 PM -0400 |
V3.0: 8.8 HIGH V2.0: 9.3 HIGH |
| CVE-2016-1772 |
The Top Sites feature in Apple Safari before 9.1 mishandles cookie storage, which makes it easier for remote web servers to track users via unspecified vectors. Published: March 23, 2016; 9:59:40 PM -0400 |
V3.0: 4.3 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-1771 |
The Downloads feature in Apple Safari before 9.1 mishandles file expansion, which allows remote attackers to cause a denial of service via a crafted web site. Published: March 23, 2016; 9:59:39 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 7.1 HIGH |
| CVE-2016-1762 |
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. Published: March 23, 2016; 9:59:30 PM -0400 |
V3.0: 8.1 HIGH V2.0: 5.8 MEDIUM |
| CVE-2009-2197 |
Apple Safari before 9.1 allows remote attackers to spoof the user interface via a web page that places text in a crafted context, leading to unintended use of that text within a Safari dialog. Published: March 23, 2016; 9:59:00 PM -0400 |
V3.0: 4.3 MEDIUM V2.0: 4.3 MEDIUM |