NotCVE - vendor:"Apple" product:"Safari" version:"6.1.4"

Page 4 of 889 results (0.032 seconds)

CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-40417

https://notcve.org/view.php?id=CVE-2023-40417

26 Sep 2023 — A window management issue was addressed with improved state management. This issue is fixed in Safari 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Visiting a website that frames malicious content may lead to UI spoofing. Se solucionó un problema de gestión de ventanas mejorando la gestión del estado. Este problema se solucionó en Safari 17, iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/2 •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

CVE-2022-48503 – webkitgtk: improper bounds checking leading to arbitrary code execution

https://notcve.org/view.php?id=CVE-2022-48503

14 Aug 2023 — The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution. El problema se solucionó con comprobaciones de límites mejoradas. Este problema se ha solucionado en tvOS 15.6, watchOS 8.7, iOS 15.6, iPadOS 15.6, macOS Monterey 12.5 and Safari 15.6. • https://support.apple.com/en-us/HT213340 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-38599 – webkitgtk: track sensitive user information

https://notcve.org/view.php?id=CVE-2023-38599

28 Jul 2023 — A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may be able to track sensitive user information. A flaw was found in WebKitGTK, which exists due to a logic issue in WebKit related to a user's privacy. A remote attacker may be able to track sensitive user information. • http://www.openwall.com/lists/oss-security/2023/08/02/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.4EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-32445

https://notcve.org/view.php?id=CVE-2023-32445

28 Jul 2023 — This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack. • https://support.apple.com/en-us/HT213841 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-38133 – webkitgtk: disclose sensitive information

https://notcve.org/view.php?id=CVE-2023-38133

25 Jul 2023 — The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may disclose sensitive information. A flaw was found in WebKitGTK, which exists due to excessive data output in WebKit Process Model. This issue occurs when processing malicious web content, which may lead to sensitive information disclosure to unauthorized attackers. • http://www.openwall.com/lists/oss-security/2023/08/02/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-38594 – webkitgtk: arbitrary code execution

https://notcve.org/view.php?id=CVE-2023-38594

25 Jul 2023 — The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. A flaw was found in WebKitGTK. This issue occurs when processing malicious web content, which may lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2023/08/02/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-38597 – webkitgtk: arbitrary code execution

https://notcve.org/view.php?id=CVE-2023-38597

25 Jul 2023 — The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, Safari 16.6. Processing web content may lead to arbitrary code execution. A flaw was found in WebKitGTK. This issue occurs when processing malicious web content, which may lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2023/08/02/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2023-38572 – webkitgtk: bypass Same Origin Policy

https://notcve.org/view.php?id=CVE-2023-38572

25 Jul 2023 — The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy. A flaw was found in WebKitGTK. This flaw exists due to an error when handling the Same Origin Policy. • http://www.openwall.com/lists/oss-security/2023/08/02/1 • CWE-942: Permissive Cross-domain Policy with Untrusted Domains •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-38595 – webkitgtk: arbitrary code execution

https://notcve.org/view.php?id=CVE-2023-38595

25 Jul 2023 — The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. A flaw was found in WebKitGTK. This issue occurs when processing malicious web content, which may lead to arbitrary code execution. • http://www.openwall.com/lists/oss-security/2023/08/02/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

CVE-2023-38600 – Apple Safari TypedArray copyWithin Integer Underflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2023-38600

1 2 3 4 5