Max CVSS 10.0 Min CVSS 4.3 Total Count58
IDCVSSSummaryLast (major) updatePublished
CVE-2011-1797 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
06-01-2015 - 22:40 21-07-2011 - 19:55
CVE-2011-0164 7.6
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vuln
02-11-2013 - 23:08 03-03-2011 - 15:00
CVE-2011-0216 9.3
Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.
06-02-2013 - 23:40 21-07-2011 - 19:55
CVE-2011-0241 9.3
Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with CCITT Group 4 encoding.
11-05-2012 - 23:34 21-07-2011 - 19:55
CVE-2011-3443 7.5
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors related to improper list managemen
02-03-2012 - 00:00 01-03-2012 - 19:55
CVE-2011-1774 8.8
WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. NOTE: this may overlap CVE-2011-1425.
13-02-2012 - 23:06 21-07-2011 - 19:55
CVE-2011-0200 6.8
Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based b
03-02-2012 - 22:56 24-06-2011 - 16:55
CVE-2011-1451 7.5
Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."
26-01-2012 - 22:59 03-05-2011 - 18:55
CVE-2011-1449 7.5
Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
26-01-2012 - 22:59 03-05-2011 - 18:55
CVE-2011-1296 7.5
Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
26-01-2012 - 22:59 25-03-2011 - 15:55
CVE-2011-1295 7.5
WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks,
26-01-2012 - 22:59 25-03-2011 - 15:55
CVE-2011-1293 7.5
Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
26-01-2012 - 22:59 25-03-2011 - 15:55
CVE-2011-1204 6.8
Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document.
26-01-2012 - 22:58 10-03-2011 - 21:01
CVE-2011-1203 7.5
Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
26-01-2012 - 22:58 10-03-2011 - 21:01
CVE-2011-1190 5.0
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
26-01-2012 - 22:58 10-03-2011 - 21:01
CVE-2011-1188 7.5
Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
26-01-2012 - 22:58 10-03-2011 - 21:01
CVE-2011-1121 7.5
Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element.
26-01-2012 - 22:58 01-03-2011 - 18:00
CVE-2011-1117 7.5
Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes."
26-01-2012 - 22:58 01-03-2011 - 18:00
CVE-2011-1115 7.5
Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
26-01-2012 - 22:58 01-03-2011 - 18:00
CVE-2011-1114 7.5
Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
26-01-2012 - 22:58 01-03-2011 - 18:00
CVE-2011-1109 7.5
Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "sta
26-01-2012 - 22:58 01-03-2011 - 18:00
CVE-2011-1107 4.3
Unspecified vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to spoof the URL bar via unknown vectors.
26-01-2012 - 22:58 01-03-2011 - 18:00
CVE-2011-0983 10.0
Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
26-01-2012 - 22:58 10-02-2011 - 14:00
CVE-2011-0981 10.0
Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
26-01-2012 - 22:58 10-02-2011 - 14:00
CVE-2011-0204 6.8
Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.
23-11-2011 - 22:54 24-06-2011 - 16:55
CVE-2011-0206 7.5
Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings.
21-11-2011 - 22:53 24-06-2011 - 16:55
CVE-2011-1462 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:53 21-07-2011 - 19:55
CVE-2011-1457 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:53 21-07-2011 - 19:55
CVE-2011-1453 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:53 21-07-2011 - 19:55
CVE-2011-1288 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:53 21-07-2011 - 19:55
CVE-2011-0255 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0254 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0242 4.3
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving a URL that contains a username.
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0238 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0235 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0234 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0233 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0232 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0225 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0222 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0221 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0218 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
20-10-2011 - 22:51 21-07-2011 - 19:55
CVE-2011-0253 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
13-10-2011 - 22:50 21-07-2011 - 19:55
CVE-2011-0240 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
13-10-2011 - 22:50 21-07-2011 - 19:55
CVE-2011-0237 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
13-10-2011 - 22:50 21-07-2011 - 19:55
CVE-2011-0223 9.3
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in
13-10-2011 - 22:50 21-07-2011 - 19:55
CVE-2011-0215 9.3
ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file.
13-10-2011 - 22:50 21-07-2011 - 19:55
CVE-2010-1823 9.3
Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as doc
13-10-2011 - 22:44 24-09-2010 - 15:00
CVE-2011-0202 6.8
Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document.
22-07-2011 - 22:39 24-06-2011 - 16:55
CVE-2011-0201 7.5
Off-by-one error in the CoreFoundation framework in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a CFString object that triggers a buffer overflow.
22-07-2011 - 22:39 24-06-2011 - 16:55
CVE-2011-0195 4.3
The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202.
22-07-2011 - 22:39 15-04-2011 - 15:55
CVE-2010-3829 5.8
WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Readi
22-07-2011 - 22:37 26-11-2010 - 15:00
CVE-2011-0244 4.3
WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files via vectors related to improper canonicalization of URLs within RSS feeds.
22-07-2011 - 00:00 21-07-2011 - 19:55
CVE-2011-0219 5.8
Apple Safari before 5.0.6 allows remote attackers to bypass the Same Origin Policy, and modify the rendering of text from arbitrary web sites, via a Java applet that loads fonts.
22-07-2011 - 00:00 21-07-2011 - 19:55
CVE-2011-0217 4.3
Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fiel
22-07-2011 - 00:00 21-07-2011 - 19:55
CVE-2011-0214 5.0
CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certificatio
22-07-2011 - 00:00 21-07-2011 - 19:55
CVE-2010-1420 4.3
Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via a crafted text/plain file.
22-07-2011 - 00:00 21-07-2011 - 19:55
CVE-2010-1383 9.3
CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue.
22-07-2011 - 00:00 21-07-2011 - 19:55
Back to Top Mark selected
Back to Top