U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:apple:safari:5.1.1
There are 987 matching records.
Displaying matches 701 through 720.
Vuln ID Summary CVSS Severity
CVE-2015-5799

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:18 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5798

WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:17 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5797

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:16 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5796

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:15 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5795

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:14 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5794

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:13 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5793

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:12 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5792

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:11 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5791

WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:10 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5790

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:09 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5789

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3.

Published: September 18, 2015; 6:59:08 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-5788

The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element.

Published: September 18, 2015; 6:59:07 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-5767

The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspecified vectors, a different vulnerability than CVE-2015-5764 and CVE-2015-5765.

Published: September 18, 2015; 6:59:05 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-5765

The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspecified vectors, a different vulnerability than CVE-2015-5764 and CVE-2015-5767.

Published: September 18, 2015; 6:59:04 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-5764

The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspecified vectors, a different vulnerability than CVE-2015-5765 and CVE-2015-5767.

Published: September 18, 2015; 6:59:03 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-3801

The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors.

Published: September 18, 2015; 6:59:02 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2015-5748

The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume.

Published: August 16, 2015; 8:00:27 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2015-3727

WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.

Published: July 02, 2015; 10:00:17 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-3660

Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL in embedded PDF content.

Published: July 02, 2015; 9:59:19 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-3659

The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.

Published: July 02, 2015; 9:59:18 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM