Search Results (Refine Search)
- Keyword (text search): WebKit
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-6777 |
Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions. Published: December 05, 2015; 8:59:14 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-6769 |
The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing. Published: December 05, 2015; 8:59:06 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-7014 |
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. Published: October 23, 2015; 5:59:48 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-7013 |
WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. Published: October 23, 2015; 5:59:48 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-7012 |
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. Published: October 23, 2015; 5:59:47 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-7011 |
WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. Published: October 23, 2015; 5:59:46 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-7002 |
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. Published: October 23, 2015; 5:59:39 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-5931 |
WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-3 and APPLE-SA-2015-10-21-5. Published: October 23, 2015; 5:59:08 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-5930 |
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. Published: October 23, 2015; 5:59:07 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-5929 |
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. Published: October 23, 2015; 5:59:06 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-5928 |
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. Published: October 23, 2015; 5:59:04 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-7005 |
WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1. Published: October 23, 2015; 6:59:11 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-6982 |
WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1. Published: October 23, 2015; 6:59:04 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-6981 |
WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1. Published: October 23, 2015; 6:59:03 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2015-5828 |
The API in the WebKit Plug-ins component in Apple Safari before 9 does not provide notification of an HTTP Redirection (aka 3xx) status code to a plugin, which allows remote attackers to bypass intended request restrictions via a crafted web site. Published: October 09, 2015; 1:59:02 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-5921 |
WebKit in Apple iOS before 9 mishandles "Content-Disposition: attachment" HTTP headers, which might allow man-in-the-middle attackers to obtain sensitive information via unspecified vectors. Published: September 18, 2015; 8:01:01 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2015-5907 |
WebKit in Apple iOS before 9 allows man-in-the-middle attackers to conduct redirection attacks by leveraging the mishandling of the resource cache of an SSL web site with an invalid X.509 certificate. Published: September 18, 2015; 8:00:48 AM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2015-5906 |
The HTML form implementation in WebKit in Apple iOS before 9 does not prevent QuickType access to the final character of a password, which might make it easier for remote attackers to discover a password by leveraging a later prediction containing that character. Published: September 18, 2015; 8:00:46 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-5827 |
WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event. Published: September 18, 2015; 6:59:46 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-5826 |
WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. Published: September 18, 2015; 6:59:45 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |