U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:apple:safari:7.0.3:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 906 matching records.
Displaying matches 801 through 820.
Vuln ID Summary CVSS Severity
CVE-2014-1390

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Published: August 14, 2014; 7:15:22 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1389

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Published: August 14, 2014; 7:15:22 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1388

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Published: August 14, 2014; 7:15:22 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1387

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Published: August 14, 2014; 7:15:22 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1386

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Published: August 14, 2014; 7:15:22 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1385

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Published: August 14, 2014; 7:15:22 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1384

WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.

Published: August 14, 2014; 7:15:22 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1382

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Published: July 01, 2014; 6:17:27 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1369

WebKit in Apple Safari before 6.1.5 and 7.x before 7.0.5 allows user-assisted remote attackers to access file: URLs by leveraging a URL drag operation that originates at a crafted web site.

Published: July 01, 2014; 6:17:27 AM -0400 		V3.x:(not available)
 V2.0: 4.3 MEDIUM
CVE-2014-1368

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Published: July 01, 2014; 6:17:27 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1367

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Published: July 01, 2014; 6:17:27 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1366

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Published: July 01, 2014; 6:17:26 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1365

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Published: July 01, 2014; 6:17:26 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1364

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Published: July 01, 2014; 6:17:26 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1363

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Published: July 01, 2014; 6:17:26 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1362

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Published: July 01, 2014; 6:17:26 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1345

WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site.

Published: July 01, 2014; 6:17:25 AM -0400 		V3.x:(not available)
 V2.0: 4.3 MEDIUM
CVE-2014-1340

WebKit, as used in Apple Safari before 6.1.5 and 7.x before 7.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1.

Published: July 01, 2014; 6:17:25 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1325

WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4.

Published: July 01, 2014; 6:17:25 AM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2014-1346

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a postMessage origin, and bypass intended restrictions on sending a message to a connected frame or window, via crafted characters in a URL.

Published: May 22, 2014; 3:55:08 PM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM