Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Safari
(Apple)| Repositories | https://github.com/WebKit/webkit |
| #Vulnerabilities | 1470 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2010-09-07 | CVE-2010-3257 | Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus. | Iphone_os, Safari, Ubuntu_linux, Chrome, Webkitgtk | N/A | ||
| 2010-08-24 | CVE-2010-3116 | Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins. | Iphone_os, Safari, Ubuntu_linux, Chrome, Webkitgtk | N/A | ||
| 2010-10-04 | CVE-2010-1822 | WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document. | Safari, Chrome, Opensuse | N/A | ||
| 2010-12-07 | CVE-2010-4494 | Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | Openoffice, Iphone_os, Itunes, Mac_os_x, Safari, Debian_linux, Fedora, Chrome, Insight_control_server_deployment, Rapid_deployment_pack, Opensuse, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation, Suse_linux_enterprise_server, Libxml2 | N/A | ||
| 2010-09-24 | CVE-2010-1823 | Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098. | Itunes, Safari, Chrome | N/A | ||
| 2011-03-11 | CVE-2011-1204 | Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document. | Iphone_os, Itunes, Safari, Chrome | N/A | ||
| 2011-03-11 | CVE-2011-1203 | Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | Iphone_os, Itunes, Safari, Chrome | N/A | ||
| 2011-03-01 | CVE-2011-1121 | Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. | Iphone_os, Itunes, Safari, Chrome | N/A | ||
| 2011-03-01 | CVE-2011-1117 | Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes." | Iphone_os, Itunes, Safari, Chrome | N/A | ||
| 2011-03-01 | CVE-2011-1115 | Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | Iphone_os, Itunes, Safari, Chrome | N/A |