CVSS: 4.3EPSS: 89%CPEs: 19EXPL: 1CVE-2015-1126 – Apple OSX/iOS/Windows Safari Non-HTTPOnly Cookie Theft
https://notcve.org/view.php?id=CVE-2015-1126
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors. WebKit, utilizado en Apple iOS anterior a 8.3 y Apple Safari anterior a 6.2.5, 7.x anterior a 7.1.5, y 8.x anterior a 8.0.5, no maneja correctamente el campo userinfo en las URLs FTP, lo que permite a atacantes remotos provocar el acceso a recursos inc... • https://packetstorm.news/files/id/180601 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 1%CPEs: 21EXPL: 0CVE-2015-1119 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1119
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. WebKit, utilizado en Apple iOS anterior a 8.3, Apple TV anterior a 7.2, y Apple Safari anterior a 6.2.... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html •
CVSS: 8.8EPSS: 2%CPEs: 21EXPL: 0CVE-2015-1120 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1120
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. WebKit, utilizado en Apple iOS anterior a 8.3, Apple TV anterior a 7.2, y Apple Safari anterior a 6.2.... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html •
CVSS: 8.8EPSS: 1%CPEs: 21EXPL: 0CVE-2015-1121 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1121
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. WebKit, utilizado en Apple iOS anterior a 8.3, Apple TV anterior a 7.2, y Apple Safari anterior a 6.2.... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html •
CVSS: 8.8EPSS: 2%CPEs: 21EXPL: 0CVE-2015-1122 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1122
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. WebKit, utilizado en Apple iOS anterior a 8.3, Apple TV anterior a 7.2, y Apple Safari anterior a 6.2.... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html •
CVSS: 8.8EPSS: 1%CPEs: 21EXPL: 0CVE-2015-1124 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1124
09 Apr 2015 — WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. WebKit, utilizado en Apple iOS anterior a 8.3, Apple TV anterior a 7.2, y Apple Safari anterior a 6.2.... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00000.html •
CVSS: 5.0EPSS: 0%CPEs: 17EXPL: 0CVE-2015-1084 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1084
18 Mar 2015 — The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL. La interfaz de usuario en WebKit, usada en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, no muestra URL's de forma consistente, lo que hace más fácil para atacantes remotos llevar a cabo ataques de phishing a través de una URL modificada. Various ... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-17: DEPRECATED: Code •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1070 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1070
18 Mar 2015 — WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, utilizado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de me... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1071 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1071
18 Mar 2015 — WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, utilizado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de me... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 19EXPL: 0CVE-2015-1079 – Apple Security Advisory 2015-04-08-3
https://notcve.org/view.php?id=CVE-2015-1079
18 Mar 2015 — WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. WebKit, usado en Apple Safari anterior a 6.2.4, 7.x anterior a 7.1.4, y 8.x anterior a 8.0.4, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memori... • http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html • CWE-399: Resource Management Errors •