CVSS: 9.3EPSS: 2%CPEs: 74EXPL: 0CVE-2010-1774
https://notcve.org/view.php?id=CVE-2010-1774
11 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory during processing of HTML tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document. Webkit en Apple Safari anterior a v5.0 en MAc OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, accede a la memoria fuera de rango durante el prcesamiento de talas HTML, lo cuál permite a... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.8EPSS: 0%CPEs: 74EXPL: 0CVE-2010-1409
https://notcve.org/view.php?id=CVE-2010-1409
11 Jun 2010 — Incomplete blacklist vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to trigger disclosure of data over IRC via vectors involving an IRC service port. Vulnerabilidad de lista negra incompleta en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos provocar revelación de datos sobre IRC a través de vectores involucra... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html •
CVSS: 4.3EPSS: 1%CPEs: 74EXPL: 0CVE-2010-1422
https://notcve.org/view.php?id=CVE-2010-1422
11 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle changes to keyboard focus that occur during processing of key press events, which allows remote attackers to force arbitrary key presses via a crafted HTML document. WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mas OS X v10.4, no maneja apropiadamente cambios en el foco del teclado que se producen durante el procesamiento d... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html •
CVSS: 9.3EPSS: 12%CPEs: 74EXPL: 0CVE-2010-1412
https://notcve.org/view.php?id=CVE-2010-1412
11 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to hover events. Vulnerabilidad de uso despues de liberacion en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos ejecutar código a su elección o causar una... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 5.9EPSS: 0%CPEs: 74EXPL: 0CVE-2010-1413
https://notcve.org/view.php?id=CVE-2010-1413
11 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends NTLM credentials in cleartext in unspecified circumstances, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors. WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, envía las credenciales NTLM sin cifrar en circunstancias sin especificar, lo cual permite a atacantes "hombre-en-el-medio" (m... • http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html • CWE-310: Cryptographic Issues •
CVSS: 9.3EPSS: 6%CPEs: 74EXPL: 0CVE-2010-1414
https://notcve.org/view.php?id=CVE-2010-1414
11 Jun 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the removeChild DOM method. Vulnerabilidad de uso despues de liberacion en WebKit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, permite a los atacantes remotos ejecutar código a su elecció... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 4%CPEs: 74EXPL: 0CVE-2010-1415
https://notcve.org/view.php?id=CVE-2010-1415
11 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle libxml contexts, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to an "API abuse issue." Webkit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior v4.1 en Mac OS X v10.4, no restringe adecuadamente contextos libxml, permite a los atacantes remotos ejecutar có... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 2%CPEs: 74EXPL: 0CVE-2010-1417
https://notcve.org/view.php?id=CVE-2010-1417
11 Jun 2010 — The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via HTML content that contains multiple :after pseudo-selectors. La implementación de las Hojas de estilo en cascada (CSS) en Webkit de Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior v4.1 en Mac OS X ... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.1EPSS: 1%CPEs: 72EXPL: 0CVE-2010-1384
https://notcve.org/view.php?id=CVE-2010-1384
11 Jun 2010 — Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not provide a warning about a (1) http or (2) https URL that contains a username and password, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL. Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior a v4.1 en Mac OS X v10.4, no proporciona una advertencia acerca de URL (1) http o (2) https que contienen un usuario y contraseña, lo cual hace m... • http://jvn.jp/en/jp/JVN46026251/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 2%CPEs: 72EXPL: 0CVE-2010-1385
https://notcve.org/view.php?id=CVE-2010-1385
11 Jun 2010 — Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. Vulnerabilidad de uso despues de liberacion en Apple Safari anterior a v5.0 en Mac OS X v10.5 a v10.6 y Windows, y anterior v4.1 en Mac OS X v10.4, permite a los atacantes remotos ejecutar código a su elección o causar una denegación de servicio (fallo ... • http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html • CWE-399: Resource Management Errors •