CVSS: 9.8EPSS: 6%CPEs: 126EXPL: 0CVE-2010-3823
https://notcve.org/view.php?id=CVE-2010-3823
20 Nov 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Geolocation objects. NOTE: this might overlap CVE-2010-3415. Una vulnerabilidad de uso después de liberación en el WebKit de Apple Safari antes de v5.0.3 en Mac OS X v10.5 a v10.6 y Windows, y antes de v4.1.3 en Mac OS X v10.4, permite a atacant... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 0%CPEs: 126EXPL: 0CVE-2010-3809
https://notcve.org/view.php?id=CVE-2010-3809
20 Nov 2010 — WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. WebKit en Apple Safari anterior a v5.0.3 en Mac OS X v10.5 hasta v10.6 y Windows, y anterior a v4.1.3 en Mac OS X v10.4, no realiza correctamente la conversión de una varia... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 6%CPEs: 126EXPL: 0CVE-2010-3816
https://notcve.org/view.php?id=CVE-2010-3816
20 Nov 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. Vulnerabilidad de uso después de liberación en WebKit de Apple Safari anterior a v5.0.3 en Mac OS X v10.5 hasta v10.6 y Windows, y anterior a v4.1.3 en Mac OS X v10.4, permite a atacantes remotos ejecutar código de su elección o prov... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 1%CPEs: 126EXPL: 0CVE-2010-3817
https://notcve.org/view.php?id=CVE-2010-3817
20 Nov 2010 — WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) 3D transforms, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. WebKit en Apple Safari anterior a v5.0.3 en Mac OS X v10.5 hasta v10.6 y Windows, y anterior a v4.1.3 en Mac OS X v10.4, no realiza adecuadament... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html •
CVSS: 9.8EPSS: 6%CPEs: 126EXPL: 0CVE-2010-3811
https://notcve.org/view.php?id=CVE-2010-3811
20 Nov 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element attributes. Vulnerabilidad de uso después de la liberación en Apple Safari anterior a v5.0.3 en Mac OS X v10.5 a la v10.6 y Windows en la v4.1.3 y anteriores y sobre Mac OS X v10.4, permite a atacantes remotos oejecutar código de su elec... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 6%CPEs: 126EXPL: 0CVE-2010-3818
https://notcve.org/view.php?id=CVE-2010-3818
20 Nov 2010 — Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving inline text boxes. Vulnerabilidad de uso después de liberación en WebKit en Apple Safari anterior a v5.0.3 sobre Mac OS X v10.5 hasta v10.6 y Windows, y before v4.1.3 sobre Mac OS X v10.4, permite a atacantes remotos ejecutar código de su elecci... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html • CWE-399: Resource Management Errors •
CVSS: 5.3EPSS: 1%CPEs: 126EXPL: 2CVE-2010-3804 – WebKit - Insufficient Entropy Random Number Generator
https://notcve.org/view.php?id=CVE-2010-3804
20 Nov 2010 — The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a related issue to CVE-2008-5913 and CVE-2010-3171. La implementación de JavaScript en WebKit en Apple Safari anteriores a v5.0.3 en Mac OS X v10.5 hasta v10.6 y Windows, y anteriores a v4.1.3 en Mac OS X v10.4, usa un a... • https://www.exploit-db.com/exploits/35005 • CWE-310: Cryptographic Issues •
CVSS: 6.5EPSS: 0%CPEs: 126EXPL: 0CVE-2010-3810
https://notcve.org/view.php?id=CVE-2010-3810
20 Nov 2010 — WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the History object, which allows remote attackers to spoof the location bar's URL or add URLs to the history via a cross-origin attack. WebKit en Apple Safari anteriores a v5.0.3 en Mac OS X v10.5 hasta v10.6 y Windows, y anteirores a v4.1.3 en Mac OS X v10.4, no maneja de forma adecuada el objeto History, lo que permite a atacantes remotos espiar la URL de la barra de l... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html •
CVSS: 9.3EPSS: 3%CPEs: 126EXPL: 0CVE-2010-3803
https://notcve.org/view.php?id=CVE-2010-3803
20 Nov 2010 — Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string. Desbordamiento de entero en WebKit en Apple Safari anterior a v5.0.3 sobre Mac OS X v10.5 hasta v10.6 y Windows, y anterior a v4.1.3 sobre Mac OS X v10.4, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caíd... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 1%CPEs: 126EXPL: 0CVE-2010-3826
https://notcve.org/view.php?id=CVE-2010-3826
20 Nov 2010 — WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of colors in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. WebKit en Apple Safari anterior a v5.0.3 en Mac OS X v10.5 hasta v10.6 y Windows, y anterior a v4.1.3 en Mac OS X v10.4, no realiza adecuadamente una conversión ... • http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html •