Page 79 of 891 results (0.010 seconds)

CVSS: 8.8EPSS: 91%CPEs: 10EXPL: 2

An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers a WebCore::jsElementScrollHeightGetter use-after-free. Se ha descubierto un problema en algunos productos Apple. • https://www.exploit-db.com/exploits/44566 http://www.securityfocus.com/bid/103961 http://www.securitytracker.com/id/1040743 https://bugs.chromium.org/p/project-zero/issues/detail?id=1525 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208741 https://support.apple.com/HT208743 https://support.apple.com/HT208850 https://support.apple.com/HT208852 https://support.apple.com/HT208853 https://usn.ubuntu.com/3640-1 https://access.redhat.com/security • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0

An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/103961 http://www.securitytracker.com/id/1040743 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208741 https://support.apple.com/HT208743 https://support.apple.com/HT208848 https://support.apple.com/HT208850 https://support.apple.com/HT208852 https://support.apple.com/HT208853 https://access.redhat.com/security/cve/CVE-2018-4204 https://bugzilla.redhat.com/show_bug.cgi?id=1577374 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "JavaScriptCore" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that triggers prototype mishandling. Se ha descubierto un problema en algunos productos Apple. • https://support.apple.com/HT207600 https://support.apple.com/HT207601 https://support.apple.com/HT207617 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1040606 https://support.apple.com/HT208695 • CWE-20: Improper Input Validation •

CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Se ha descubierto un problema en algunos productos Apple. • http://www.securityfocus.com/bid/103580 http://www.securitytracker.com/id/1040606 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208695 https://usn.ubuntu.com/3635-1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •