Product:

Safari

(Apple)
Repositories https://github.com/WebKit/webkit
#Vulnerabilities 1470
Date Id Summary Products Score Patch Annotated
2024-05-07 CVE-2024-4558 Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Ipados, Iphone_os, Macos, Safari, Fedora, Chrome 9.6
2024-12-12 CVE-2024-44212 A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1, visionOS 2.1, tvOS 18.1, iOS 18.1 and iPadOS 18.1, watchOS 11.1. Cookies belonging to one origin may be sent to another origin. Ipados, Iphone_os, Safari, Tvos, Visionos, Watchos 5.3
2024-12-12 CVE-2024-54479 The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos 7.5
2024-12-12 CVE-2024-44246 The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, Safari 18.2, iPadOS 17.7.3. On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address to the website. Ipados, Iphone_os, Macos, Safari 5.3
2024-12-12 CVE-2024-54502 The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos 6.5
2024-12-12 CVE-2024-54508 The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash. Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos 7.5
2024-12-12 CVE-2024-54505 A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos 8.8
2024-12-12 CVE-2024-54534 The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. Ipados, Iphone_os, Macos, Safari, Tvos, Visionos, Watchos 9.8
2023-05-08 CVE-2023-27954 The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. A website may be able to track sensitive user information. Ipados, Iphone_os, Macos, Safari, Tvos, Watchos, Debian_linux 6.5
2023-05-08 CVE-2023-28201 This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution. Ipados, Iphone_os, Macos, Safari 9.8