CVSS: 6.1EPSS: 2%CPEs: 3EXPL: 1CVE-2017-2504 – Apple WebKit / Safari 10.0.3(12602.4.8) - 'Editor::Command::execute' Universal Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-2504
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with WebKit Editor commands. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. • https://www.exploit-db.com/exploits/42064 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2017-2528 – WebKit - CachedFrame does not Detach Openers Universal Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-2528
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with cached frames. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • https://www.exploit-db.com/exploits/42105 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2505 – WebKit JSC BindingNode::bindValue Failed Reference Count Increase
https://notcve.org/view.php?id=CVE-2017-2505
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en algunos productos de Apple. iOS anteriores a la versión 10.3.2 se ven afectados. • http://www.securityfocus.com/bid/98473 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-2530 – Apple Safari Element Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2530
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. iCloud before 6.2.1 on Windows is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha detectado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. • http://www.securityfocus.com/bid/98455 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2544 – Apple Safari Array concat Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2544
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • http://www.securityfocus.com/bid/98474 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2526 – Apple Safari RenderInline Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2526
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se descubrió un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • http://www.securityfocus.com/bid/98474 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2017-2506 – Apple Safari RenderElement Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2506
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se detectó un problema en ciertos productos de Apple. iOS anterior a versión 10.3.2 está afectado. • http://www.securityfocus.com/bid/98474 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2017-2525 – Apple Safari RenderLayer Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2525
15 May 2017 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha detectado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. • http://www.securityfocus.com/bid/98473 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3438
https://notcve.org/view.php?id=CVE-2011-3438
24 Apr 2017 — WebKit, as used in Safari 5.0.6, allows remote attackers to cause a denial of service (process crash) or arbitrary code execution. WebKit, como se utiliza en Safari 5.0.6, permite a atacantes remotos provocar una denegación de servicio (caída de proceso) o ejecución arbitraria de código. • http://support.apple.com/kb/HT4808 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 21%CPEs: 3EXPL: 1CVE-2017-2464 – Apple Safari - Array concat Memory Corruption
https://notcve.org/view.php?id=CVE-2017-2464
02 Apr 2017 — An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • https://www.exploit-db.com/exploits/41931 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •