CVSS: 9.3EPSS: 6%CPEs: 74EXPL: 0CVE-2010-1405
https://notcve.org/view.php?id=CVE-2010-1405
11 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML element that has custom vertical positioning. Vulnerabilidad de uso despues de liberacion en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos ejecutar código a su ... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 74EXPL: 0CVE-2010-1406
https://notcve.org/view.php?id=CVE-2010-1406
11 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging, a related issue to CVE-2010-0660. WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, envía una URL https en la cab... • http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 74EXPL: 0CVE-2010-1408
https://notcve.org/view.php?id=CVE-2010-1408
11 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to bypass intended restrictions on outbound connections to "non-default TCP ports" via a crafted port number, related to an "integer truncation issue." NOTE: this may overlap CVE-2010-1099. WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos eludir restricciones en conexiones saliente... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-189: Numeric Errors CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 2%CPEs: 74EXPL: 0CVE-2010-1410
https://notcve.org/view.php?id=CVE-2010-1410
11 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an SVG document with nested use elements. WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos ejecutar código a su elección o causar una denegación de servicio (corrupción de memoria y... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 11EXPL: 0CVE-2010-1750
https://notcve.org/view.php?id=CVE-2010-1750
11 Jun 2010 — Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management. Vulnerabilidad de uso despues de liberacion en WebKit de Apple Safari anterior a v5.0 en Windows permite a los atacantes remotos ejecutar código a su elección o causar una denegación de servicio (fallo de la aplicación) a través de vectores relacionados con la inadecuada gestión de ventanas. • http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 0%CPEs: 74EXPL: 0CVE-2010-1416
https://notcve.org/view.php?id=CVE-2010-1416
11 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict the reading of a canvas that contains an SVG image pattern from a different web site, which allows remote attackers to read images from other sites via a crafted canvas, related to a "cross-site image capture issue." Webkit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior v4.1 en Mac OS X v10.4, no restringe adecuadamente la lectura de un "ca... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 13%CPEs: 74EXPL: 0CVE-2010-1392 – Apple Webkit Button First-Letter Style Rendering Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1392
09 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to HTML buttons and the first-letter CSS style. Vulnerabilidad de uso despues de liberacion en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos ejecutar có... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0CVE-2010-1396 – Apple Webkit Option Element ContentEditable Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1396
08 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the contentEditable attribute and removing container elements. Vulnerabilidad de uso despues de liberacion en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes r... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0CVE-2010-1397 – Apple Webkit DOCUMENT_POSITION_DISCONNECTED Attribute Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1397
08 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection rendering and the DOCUMENT_POSITION_DISCONNECTED attribute in a container of an unspecified type. Una vulnerabilidad de uso de la memoria previamente liberada en WebKit en Safari de Apple anterior a versión 5.0 sobr... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 12%CPEs: 74EXPL: 0CVE-2010-1399 – Apple Webkit SelectionController via Marquee Event Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1399
08 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during a selection change on a form input element, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document. WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, accede a memoria no inicializada durante un cambio de selección en un elem... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •