Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-0050 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.
|
03-02-2024 - 02:24 | 15-03-2010 - 14:15 | |
CVE-2009-1724 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors r
|
09-08-2022 - 13:48 | 09-07-2009 - 17:30 | |
CVE-2009-1725 | 9.3 |
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character
|
09-08-2022 - 13:48 | 09-07-2009 - 17:30 | |
CVE-2009-2816 | 6.8 |
The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight,
|
08-11-2021 - 21:43 | 13-11-2009 - 15:30 | |
CVE-2010-1770 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, wh
|
07-08-2020 - 15:25 | 11-06-2010 - 19:30 | |
CVE-2011-1295 | 7.5 |
WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks,
|
29-05-2020 - 20:36 | 25-03-2011 - 19:55 | |
CVE-2010-1029 | 5.0 |
Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (ap
|
26-09-2019 - 17:05 | 19-03-2010 - 21:30 | |
CVE-2010-1404 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SV
|
10-10-2018 - 19:57 | 11-06-2010 - 18:00 | |
CVE-2010-1403 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary co
|
10-10-2018 - 19:57 | 11-06-2010 - 18:00 | |
CVE-2010-1749 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
10-10-2018 - 19:57 | 11-06-2010 - 18:00 | |
CVE-2010-1402 | 9.3 |
Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors
|
10-10-2018 - 19:57 | 11-06-2010 - 18:00 | |
CVE-2010-1397 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
10-10-2018 - 19:56 | 11-06-2010 - 18:00 | |
CVE-2010-1398 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (mem
|
10-10-2018 - 19:56 | 11-06-2010 - 18:00 | |
CVE-2010-1392 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
10-10-2018 - 19:56 | 11-06-2010 - 18:00 | |
CVE-2010-1401 | 9.3 |
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or caus
|
10-10-2018 - 19:56 | 11-06-2010 - 18:00 | |
CVE-2009-0744 | 5.0 |
Apple Safari 4 Beta build 528.16 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a feeds: URI beginning with a (1) % (percent), (2) { (open curly bracket), (3) } (close curly bracket), (4) ^ (
|
10-10-2018 - 19:30 | 27-02-2009 - 17:30 | |
CVE-2009-2285 | 4.3 |
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.
|
03-10-2018 - 22:00 | 01-07-2009 - 13:00 | |
CVE-2009-1726 | 9.3 |
Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile.
|
29-09-2017 - 01:34 | 06-08-2009 - 16:30 | |
CVE-2009-1233 | 4.3 |
Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to cause a denial of service (application crash) via an XML document containing many nested A elements.
|
29-09-2017 - 01:34 | 02-04-2009 - 17:30 | |
CVE-2009-0321 | 4.3 |
Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote attackers to cause a denial of service (infinite loop or access violation) via a link to an http URI in which the authority (aka hostname) portion is either a (1) . (dot) or (2) .. (
|
29-09-2017 - 01:33 | 28-01-2009 - 18:30 | |
CVE-2011-4692 | 5.0 |
WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the bro
|
19-09-2017 - 01:34 | 07-12-2011 - 19:55 | |
CVE-2010-3822 | 9.3 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses an uninitialized pointer during processing of Cascading Style Sheets (CSS) counter styles, which allows remote attackers to exe
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3826 | 9.3 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of colors in an SVG document, which allows remote attacker
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3813 | 5.8 |
The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly othe
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3808 | 9.3 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which allows remote attackers to exec
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3805 | 9.3 |
Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors invo
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3817 | 9.3 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) 3D transforms, which allow
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3824 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via v
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3804 | 5.0 |
The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attacke
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3821 | 9.3 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the :first-letter pseudo-element in a Cascading Style Sheets (CSS) token sequence, which allows remote attacker
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3816 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via v
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3820 | 9.3 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses uninitialized memory during processing of editable elements, which allows remote attackers to execute arbitrary code or cause a
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3803 | 9.3 |
Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted str
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3809 | 9.3 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which allows remote attackers to execut
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3819 | 9.3 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) boxes, which allows remote
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3823 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via v
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3811 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via v
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3812 | 9.3 |
Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows re
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3818 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via v
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3810 | 4.3 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the History object, which allows remote attackers to spoof the location bar's URL or add URLs to the history vi
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-1787 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applic
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1780 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1758 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1792 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applic
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1759 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1807 | 9.3 |
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (applic
|
19-09-2017 - 01:30 | 10-09-2010 - 19:00 | |
CVE-2010-1786 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1771 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1414 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1400 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1384 | 4.3 |
Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not provide a warning about a (1) http or (2) https URL that contains a username and password, which makes it easier for remote attackers to cond
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1939 | 7.6 |
Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arbitrary code by using window.open to create a popup window for a crafted HTML document, and then calling the parent window's close method, which trigge
|
19-09-2017 - 01:30 | 13-05-2010 - 22:30 | |
CVE-2010-1422 | 4.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle changes to keyboard focus that occur during processing of key press events, which allows remote attackers to force
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1412 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1416 | 4.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict the reading of a canvas that contains an SVG image pattern from a different web site, which allows remote attacke
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1385 | 9.3 |
Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF d
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1790 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle just-in-time (JIT) compiled JavaScript stubs, which allows remote attackers to exec
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1782 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applic
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1418 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via a FRAME element with a SRC at
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1408 | 4.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to bypass intended restrictions on outbound connections to "non-default TCP ports" via a crafted port number, relate
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1793 | 9.3 |
Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allow remote attackers to execute arbitrary code or cause a denia
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1750 | 9.3 |
Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management.
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1421 | 4.3 |
The execCommand JavaScript function in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict remote execution of clipboard commands, which allows remote attackers to m
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1389 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involvi
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1806 | 9.3 |
Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via run-in styling in an element, related to object pointers.
|
19-09-2017 - 01:30 | 10-09-2010 - 19:00 | |
CVE-2010-1805 | 6.9 |
Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been d
|
19-09-2017 - 01:30 | 10-09-2010 - 19:00 | |
CVE-2010-1791 | 9.3 |
Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1415 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle libxml contexts, allows remote attackers to execute arbitrary code or cause a denial of service (application crash)
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1406 | 4.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remot
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1417 | 9.3 |
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory co
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1410 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an SVG document
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1783 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbit
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1761 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1788 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applic
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1778 | 4.3 |
Cross-site scripting (XSS) vulnerability in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via an RSS feed.
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1419 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application cr
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1396 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1391 | 4.3 |
Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1785 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; accesses uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1774 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory during processing of HTML tables, which allows remote attackers to execute arbitrary code or cause a denial of
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1762 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a T
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1409 | 5.8 |
Incomplete blacklist vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to trigger disclosure of data over IRC via vectors involving an IRC service po
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1405 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HT
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1395 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constru
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1399 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during a selection change on a form input element, which allows remote attackers to execute arbitrary code or
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1394 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML docume
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1119 | 10.0 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of serv
|
19-09-2017 - 01:30 | 25-03-2010 - 21:00 | |
CVE-2010-1789 | 9.3 |
Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a J
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1413 | 5.0 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends NTLM credentials in cleartext in unspecified circumstances, which allows man-in-the-middle attackers to obtain sensitive information v
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1390 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to improper U
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1764 | 4.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, follows multiple redirections during form submission, which allows remote web servers to obtain sensitive information by recording the form
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1393 | 4.3 |
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1796 | 2.6 |
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1784 | 9.3 |
The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-0047 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML object element fallback content." Per: http://lists.ap
|
19-09-2017 - 01:30 | 15-03-2010 - 13:28 | |
CVE-2010-0043 | 9.3 |
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image. Per: http://lists.apple.com/archi
|
19-09-2017 - 01:30 | 15-03-2010 - 13:28 | |
CVE-2010-0051 | 4.3 |
WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651. Per: http://li
|
19-09-2017 - 01:30 | 15-03-2010 - 14:15 | |
CVE-2010-0045 | 9.3 |
Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows remote attackers to open local files and execute arbitrary code via a crafted HTML document. Per: http://lists.apple.com/archives/security-announce/201
|
19-09-2017 - 01:30 | 15-03-2010 - 13:28 | |
CVE-2010-0041 | 4.3 |
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafte
|
19-09-2017 - 01:30 | 15-03-2010 - 13:28 | |
CVE-2010-0042 | 4.3 |
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafte
|
19-09-2017 - 01:30 | 15-03-2010 - 13:28 | |
CVE-2010-0046 | 9.3 |
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments. Per: http://
|
19-09-2017 - 01:30 | 15-03-2010 - 13:28 | |
CVE-2010-0048 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document. Per: http://lists.apple.com/archives/security-announce/
|
19-09-2017 - 01:30 | 15-03-2010 - 13:28 | |
CVE-2010-0054 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements. Per: http://lists.apple.com/archives/secur
|
19-09-2017 - 01:30 | 15-03-2010 - 14:15 | |
CVE-2010-0544 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to a malforme
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-0651 | 4.3 |
WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, whi
|
19-09-2017 - 01:30 | 18-02-2010 - 18:00 | |
CVE-2010-0049 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality. Per: http://lists.a
|
19-09-2017 - 01:30 | 15-03-2010 - 14:15 | |
CVE-2010-0044 | 4.3 |
PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed. Per: http://lists.ap
|
19-09-2017 - 01:30 | 15-03-2010 - 13:28 | |
CVE-2010-0053 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property. Pe
|
19-09-2017 - 01:30 | 15-03-2010 - 14:15 | |
CVE-2010-0040 | 9.3 |
Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a
|
19-09-2017 - 01:30 | 15-03-2010 - 13:28 | |
CVE-2010-0052 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements." Per: http://lists.apple.com/a
|
19-09-2017 - 01:30 | 15-03-2010 - 14:15 | |
CVE-2009-3016 | 4.3 |
Apple Safari 4.0.3 does not properly block javascript: and data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contain
|
19-09-2017 - 01:29 | 31-08-2009 - 16:30 | |
CVE-2009-2842 | 4.3 |
Apple Safari before 4.0.4 does not properly implement certain (1) Open Image and (2) Open Link menu options, which allows remote attackers to read local HTML files via a crafted web site.
|
19-09-2017 - 01:29 | 13-11-2009 - 15:30 | |
CVE-2009-3384 | 9.3 |
Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing
|
19-09-2017 - 01:29 | 13-11-2009 - 15:30 |