Product:

Safari

(Apple)
Repositories https://github.com/WebKit/webkit
#Vulnerabilities 1470
Date Id Summary Products Score Patch Annotated
2023-11-30 CVE-2023-42916 An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. Ipados, Iphone_os, Macos, Safari, Debian_linux, Fedora, Webkitgtk\+ 6.5
2024-11-20 CVE-2024-44309 A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems. Ipados, Iphone_os, Macos, Safari, Visionos 6.1
2020-02-27 CVE-2020-3825 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution. Icloud, Ipados, Iphone_os, Itunes, Safari, Tvos 8.8
2020-02-27 CVE-2020-3833 An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.5. Visiting a malicious website may lead to address bar spoofing. Safari 4.3
2020-02-27 CVE-2020-3841 The issue was addressed with improved UI handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, Safari 13.0.5. A local user may unknowingly send a password unencrypted over the network. Ipados, Iphone_os, Safari 6.5
2020-02-27 CVE-2020-3862 A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. Icloud, Ipados, Iphone_os, Itunes, Safari, Tvos, Leap 6.5
2020-02-27 CVE-2020-3865 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution. Icloud, Ipados, Iphone_os, Itunes, Safari, Tvos, Leap 8.8
2020-02-27 CVE-2020-3867 A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting. Icloud, Ipados, Iphone_os, Itunes, Safari, Tvos, Leap, Webkitgtk 6.1
2020-02-27 CVE-2020-3868 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution. Icloud, Ipados, Iphone_os, Itunes, Safari, Tvos, Leap 8.8
2020-04-01 CVE-2020-3885 A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. Icloud, Ipad_os, Iphone_os, Itunes, Safari, Tvos 4.3