CVSS: 5.0EPSS: 0%CPEs: 17EXPL: 0CVE-2015-1084
https://notcve.org/view.php?id=CVE-2015-1084
18 Mar 2015 — The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL. La interfaz de usuario en WebKit, usada en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, no muestra URL's de forma consistente, lo que hace más fácil para atacantes remotos llevar a cabo ataques de phishing a través de una URL modificada. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-17: DEPRECATED: Code •
CVSS: 8.8EPSS: 1%CPEs: 20EXPL: 0CVE-2015-1069 – Apple Safari Uninitialized Buffer Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1069
18 Mar 2015 — WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, utilizado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de me... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2014-4476
https://notcve.org/view.php?id=CVE-2014-4476
28 Jan 2015 — WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479. WebKit, utilizado en Apple iOS anterior a 8.1.3; Apple Safari anterior a 6.2.3, 7.x anterior a 7.1.3, y 8.x anterior a 8.0.3; y Apple TV anterior a 7.0.3, permite a a... • http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0CVE-2014-4479
https://notcve.org/view.php?id=CVE-2014-4479
28 Jan 2015 — WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4477. WebKit, utilizado en Apple iOS anterior a 8.1.3; Apple Safari anterior a 6.2.3, 7.x anterior a 7.1.3, y 8.x anterior a 8.0.3; y Apple TV anterior a 7.0.3, permite a a... • http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 17EXPL: 0CVE-2014-4477 – (Mobile Pwn2Own) Apple Safari Set Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-4477
27 Jan 2015 — WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4479. WebKit, utilizado en Apple iOS anterior a 8.1.3; Apple Safari anterior a 6.2.3, 7.x anterior a 7.1.3, y 8.x anterior a 8.0.3; y Apple TV anterior a 7.0.3, permite a a... • http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2014-4474
https://notcve.org/view.php?id=CVE-2014-4474
04 Dec 2014 — WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. WebKit, utilizado en Apple Safari anterior a 6.2.1, 7.x anterior a 7.1.1, y 8.x anterior a 8.0.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción... • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2014-4475
https://notcve.org/view.php?id=CVE-2014-4475
04 Dec 2014 — WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. WebKit, utilizado en Apple Safari anterior a 6.2.1, 7.x anterior a 7.1.1, y 8.x anterior a 8.0.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción... • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-4465
https://notcve.org/view.php?id=CVE-2014-4465
04 Dec 2014 — WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element. WebKit en Apple Safari anterior a 6.2.1, 7.x anterior a 7.1.1, y 8.x anterior a 8.0.1 permite a atacantes remotos evadir Same Origin Policy a través de secuencias del token CSS (Cascading Style Sheets) dentro de un fichero SVG en el atributo SRC de un elemento IM... • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 13EXPL: 0CVE-2014-4466
https://notcve.org/view.php?id=CVE-2014-4466
04 Dec 2014 — WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. WebKit, utilizado en Apple Safari anterior a 6.2.1, 7.x anterior a 7.1.1, y 8.x anterior a 8.0.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción... • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2014-4468
https://notcve.org/view.php?id=CVE-2014-4468
04 Dec 2014 — WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. WebKit, utilizado en Apple Safari anterior a 6.2.1, 7.x anterior a 7.1.1, y 8.x anterior a 8.0.1, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción... • http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html • CWE-399: Resource Management Errors •