U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): safari
  • Search Type: Search All
  • CPE Name Search: false
There are 1,468 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2025-30466

This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. A website may be able to bypass Same Origin Policy.

Published: May 29, 2025; 6:15:21 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-5020

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS < 139.

Published: May 21, 2025; 2:15:53 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-24189

The issue was addressed with improved checks. This issue is fixed in Safari 18.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to memory corruption.

Published: May 19, 2025; 12:15:28 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-31257

This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Published: May 12, 2025; 6:15:25 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-31238

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.

Published: May 12, 2025; 6:15:24 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-31223

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.

Published: May 12, 2025; 6:15:23 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-31217

The issue was addressed with improved input validation. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Published: May 12, 2025; 6:15:22 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-31215

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Published: May 12, 2025; 6:15:22 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-31206

A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Published: May 12, 2025; 6:15:21 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-31205

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. A malicious website may exfiltrate data cross-origin.

Published: May 12, 2025; 6:15:21 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-31204

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.

Published: May 12, 2025; 6:15:21 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-24223

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.

Published: May 12, 2025; 6:15:20 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2023-42970

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. Processing web content may lead to arbitrary code execution.

Published: April 11, 2025; 11:15:45 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2023-42875

Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. The issue was addressed with improved memory handling.

Published: April 11, 2025; 11:15:44 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-31192

The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A website may be able to access sensor information without user consent.

Published: March 31, 2025; 7:15:29 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-31184

This issue was addressed with improved permissions checking. This issue is fixed in Safari 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may gain unauthorized access to Local Network.

Published: March 31, 2025; 7:15:28 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-30467

The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Visiting a malicious website may lead to address bar spoofing.

Published: March 31, 2025; 7:15:27 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-30427

A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Published: March 31, 2025; 7:15:25 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-30425

This issue was addressed through improved state management. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A malicious website may be able to track users in Safari private browsing mode.

Published: March 31, 2025; 7:15:24 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)
CVE-2025-24264

The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Published: March 31, 2025; 7:15:23 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0:(not available)