Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Safari
(Apple)| Repositories | https://github.com/WebKit/webkit |
| #Vulnerabilities | 1451 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-12-08 | CVE-2020-9993 | The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Visiting a malicious website may lead to address bar spoofing. | Ipados, Iphone_os, Safari, Watchos | 4.3 | ||
| 2021-03-26 | CVE-2020-7463 | In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-free situation may result in unintended kernel behaviour including a kernel panic. | Icloud, Ipados, Iphone_os, Itunes, Macos, Safari, Tvos, Watchos, Freebsd | 5.5 | ||
| 2021-09-08 | CVE-2021-30720 | A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers. | Ipados, Iphone_os, Macos, Safari, Tvos, Watchos | 5.4 | ||
| 2021-09-08 | CVE-2021-30734 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. | Ipados, Iphone_os, Macos, Safari, Tvos, Watchos | 8.8 | ||
| 2021-09-08 | CVE-2021-30744 | Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting. | Ipados, Iphone_os, Macos, Safari, Tvos, Watchos | 6.1 | ||
| 2021-09-08 | CVE-2021-30749 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution. | Ipados, Iphone_os, Macos, Safari, Tvos, Watchos | 8.8 | ||
| 2021-10-28 | CVE-2021-30823 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS. | Ipados, Iphone_os, Macos, Safari, Tvos, Watchos | 6.5 | ||
| 2022-11-01 | CVE-2022-32892 | An access issue was addressed with improvements to the sandbox. This issue is fixed in Safari 16, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions. | Ipados, Iphone_os, Macos, Safari | 8.6 | ||
| 2022-11-01 | CVE-2022-32922 | A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing maliciously crafted web content may lead to arbitrary code execution. | Ipados, Iphone_os, Macos, Safari | 8.8 | ||
| 2022-12-15 | CVE-2022-46689 | A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. | Ipados, Iphone_os, Macos, Safari, Tvos, Watchos | 7.0 |