CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0CVE-2010-1398 – Apple Webkit ContentEditable moveParagraphs Uninitialized Element Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1398
08 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion of an unspecified element into an editable container and the access of an uninitialized element. WebKit en Safari de Apple anterior a versión 5.0 sobre Mac OS X versiones... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0CVE-2010-1401 – Apple Webkit First-Letter Pseudo-Element Style Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1401
08 Jun 2010 — Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the :first-letter pseudo-element. Vulnerabilidad de uso despues de liberacion en la implementación de las hojas de estilo en cascada (CSS) en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 59%CPEs: 74EXPL: 0CVE-2010-1403 – Apple Webkit ProcessInstruction Target Error Message Insertion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1403
08 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document containing XML that triggers a parsing error, related to ProcessInstruction. WebKit en Safari de Apple anterior a versión 5.0 sobre Mac OS X versiones 10.5 hasta 10.6 y Windows, y anterio... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 7%CPEs: 74EXPL: 0CVE-2010-1749 – Apple Webkit SVG RadialGradiant Run-in Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1749
08 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Cascading Style Sheets (CSS) run-in property and multiple invocations of a destructor for a child element that has been referenced multiple times. Una vulnerabilidad de uso de la memoria previamente liberada en WebKit en Safari de Apple anterio... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 11%CPEs: 74EXPL: 0CVE-2010-1402 – Apple Webkit ConditionEventListener Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1402
08 Jun 2010 — Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to an event listener in an SVG document, related to duplicate event listeners, a timer, and an AnimateTransform object. Una vulnerabilidad de doble liberación en WebKit en Safari de Apple anterior a versión 5.0 sobre Mac OS X versiones 10.5 hasta 10.6 y ... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 6%CPEs: 2EXPL: 0CVE-2010-1120 – Apple Preview libFontParser SpecialEncoding Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1120
25 Mar 2010 — Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Charlie Miller during a Pwn2Own competition at CanSecWest 2010. Vulnerabilidad sin especificar en Safari 4 sobre Apple Mac Os X v10.6, permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos, como ha demostrado Charlie Miller durante la competición Pwn2Own en CanSecWest 2010. This vulnerability allows remote attackers to e... • http://dvlabs.tippingpoint.com/blog/2010/02/15/pwn2own-2010 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 87%CPEs: 108EXPL: 1CVE-2010-1119 – Apple Webkit Attribute Child Removal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1119
25 Mar 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010. Una vulnerabilidad de uso de memoria pr... • https://www.exploit-db.com/exploits/16974 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 74%CPEs: 10EXPL: 1CVE-2010-0050 – Apple Webkit Blink Event Dangling Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0050
12 Mar 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags. Vulnerabilidad uso después de la liberación (use-after-free) en Apple Safari anterior v4.0.5 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída de aplicación) a través de un documento HTML con etiquetas inadecuadamente anidadas. This vulnerabil... • https://www.exploit-db.com/exploits/12425 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 90%CPEs: 7EXPL: 1CVE-2010-0049 – Apple WebKit RTL LineBox Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0049
12 Mar 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality. Vulnerabilidad de uso después de liberacion en WebKit de Apple Safari en versiones anteriores a la v4.0.5 permite a usuarios remotos ejecutar comandos de su elección o provocar una denegación de servicio (caida de la aplicación) a través de elementos HTML con direccionalidad de te... • https://www.exploit-db.com/exploits/33752 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 15%CPEs: 6EXPL: 0CVE-2010-0054
https://notcve.org/view.php?id=CVE-2010-0054
12 Mar 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements. Vulnerabilidad uso después de la liberación (use-after-free) en WebKit en Apple Safari anterior v4.0.5 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída de aplicación) a través de vectores envueltos en elementos HTML IMG. • http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html • CWE-399: Resource Management Errors •