Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-0047 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML object element fallback content."
|
15-10-2024 - 21:35 | 15-03-2010 - 13:28 | |
CVE-2010-0048 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.
|
15-10-2024 - 21:35 | 15-03-2010 - 13:28 | |
CVE-2010-0050 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.
|
03-02-2024 - 02:24 | 15-03-2010 - 14:15 | |
CVE-2010-1772 | 6.8 |
Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web
|
02-02-2024 - 16:27 | 24-09-2010 - 19:00 | |
CVE-2010-1781 | 6.8 |
Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element.
|
09-08-2022 - 13:49 | 09-09-2010 - 22:00 | |
CVE-2010-1407 | 4.3 |
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML do
|
09-08-2022 - 13:48 | 22-06-2010 - 20:30 | |
CVE-2010-1387 | 9.3 |
Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) vi
|
09-08-2022 - 13:48 | 18-06-2010 - 16:30 | |
CVE-2010-1814 | 6.8 |
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus.
|
09-08-2022 - 13:46 | 09-09-2010 - 22:00 | |
CVE-2010-1815 | 6.8 |
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollba
|
09-08-2022 - 13:46 | 09-09-2010 - 22:00 | |
CVE-2010-1812 | 6.8 |
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selectio
|
09-08-2022 - 13:46 | 09-09-2010 - 22:00 | |
CVE-2010-1773 | 6.8 |
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory
|
14-08-2020 - 16:23 | 24-09-2010 - 19:00 | |
CVE-2010-2647 | 9.3 |
Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an invalid SVG document.
|
10-08-2020 - 17:29 | 06-07-2010 - 17:17 | |
CVE-2010-2648 | 9.3 |
The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown ve
|
07-08-2020 - 15:42 | 06-07-2010 - 17:17 | |
CVE-2010-1770 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, wh
|
07-08-2020 - 15:25 | 11-06-2010 - 19:30 | |
CVE-2010-3259 | 4.3 |
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, does not properly restrict read access to images derived from CANVAS elements, which allows remote attackers to bypass t
|
04-08-2020 - 19:45 | 07-09-2010 - 18:00 | |
CVE-2010-3257 | 9.3 |
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (applicat
|
04-08-2020 - 19:41 | 07-09-2010 - 18:00 | |
CVE-2010-3116 | 10.0 |
Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of servic
|
04-08-2020 - 19:31 | 24-08-2010 - 20:00 | |
CVE-2010-3115 | 5.0 |
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors.
|
04-08-2020 - 16:37 | 24-08-2010 - 20:00 | |
CVE-2010-3114 | 10.0 |
The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) Inser
|
04-08-2020 - 16:36 | 24-08-2010 - 20:00 | |
CVE-2010-3113 | 10.0 |
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related
|
04-08-2020 - 16:30 | 24-08-2010 - 20:00 | |
CVE-2010-3255 | 9.3 |
Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
|
04-08-2020 - 14:16 | 07-09-2010 - 18:00 | |
CVE-2010-3119 | 10.0 |
Google Chrome before 5.0.375.127 and webkitgtk before 1.2.6 do not properly support the Ruby language, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
|
04-08-2020 - 14:05 | 24-08-2010 - 20:00 | |
CVE-2010-3248 | 5.0 |
Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspecified impact and attack vectors.
|
03-08-2020 - 20:55 | 07-09-2010 - 18:00 | |
CVE-2010-4204 | 7.5 |
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified othe
|
31-07-2020 - 18:25 | 06-11-2010 - 00:00 | |
CVE-2010-4197 | 7.5 |
Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text
|
31-07-2020 - 17:53 | 06-11-2010 - 00:00 | |
CVE-2010-4198 | 6.8 |
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified oth
|
31-07-2020 - 17:53 | 06-11-2010 - 00:00 | |
CVE-2010-4040 | 6.8 |
Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image.
|
31-07-2020 - 17:33 | 21-10-2010 - 19:00 | |
CVE-2010-4206 | 6.8 |
Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service
|
31-07-2020 - 15:06 | 06-11-2010 - 00:00 | |
CVE-2010-0650 | 2.6 |
WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.
|
16-11-2018 - 16:13 | 18-02-2010 - 18:00 | |
CVE-2009-2797 | 5.0 |
The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by readi
|
16-11-2018 - 15:38 | 10-09-2009 - 21:30 | |
CVE-2010-1404 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SV
|
10-10-2018 - 19:57 | 11-06-2010 - 18:00 | |
CVE-2010-1403 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary co
|
10-10-2018 - 19:57 | 11-06-2010 - 18:00 | |
CVE-2010-1402 | 9.3 |
Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors
|
10-10-2018 - 19:57 | 11-06-2010 - 18:00 | |
CVE-2010-1397 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
10-10-2018 - 19:56 | 11-06-2010 - 18:00 | |
CVE-2010-1398 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (mem
|
10-10-2018 - 19:56 | 11-06-2010 - 18:00 | |
CVE-2010-1392 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
10-10-2018 - 19:56 | 11-06-2010 - 18:00 | |
CVE-2010-1401 | 9.3 |
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or caus
|
10-10-2018 - 19:56 | 11-06-2010 - 18:00 | |
CVE-2010-3813 | 5.8 |
The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly othe
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-3812 | 9.3 |
Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows re
|
19-09-2017 - 01:31 | 22-11-2010 - 13:00 | |
CVE-2010-1787 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applic
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1780 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1758 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1767 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a
|
19-09-2017 - 01:30 | 24-09-2010 - 19:00 | |
CVE-2010-1792 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applic
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1759 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1807 | 9.3 |
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (applic
|
19-09-2017 - 01:30 | 10-09-2010 - 19:00 | |
CVE-2010-1786 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1664 | 5.0 |
Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.
|
19-09-2017 - 01:30 | 03-05-2010 - 13:51 | |
CVE-2010-1771 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1414 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1400 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1422 | 4.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle changes to keyboard focus that occur during processing of key press events, which allows remote attackers to force
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1412 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1416 | 4.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict the reading of a canvas that contains an SVG image pattern from a different web site, which allows remote attacke
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1790 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle just-in-time (JIT) compiled JavaScript stubs, which allows remote attackers to exec
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1782 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applic
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1418 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via a FRAME element with a SRC at
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1408 | 4.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to bypass intended restrictions on outbound connections to "non-default TCP ports" via a crafted port number, relate
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1793 | 9.3 |
Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allow remote attackers to execute arbitrary code or cause a denia
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1421 | 4.3 |
The execCommand JavaScript function in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict remote execution of clipboard commands, which allows remote attackers to m
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1389 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involvi
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1791 | 9.3 |
Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1415 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle libxml contexts, allows remote attackers to execute arbitrary code or cause a denial of service (application crash)
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1406 | 4.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remot
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1417 | 9.3 |
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory co
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1410 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an SVG document
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1783 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbit
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1761 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1788 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and applic
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1419 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application cr
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1396 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vecto
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1391 | 4.3 |
Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1785 | 9.3 |
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; accesses uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-1774 | 9.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory during processing of HTML tables, which allows remote attackers to execute arbitrary code or cause a denial of
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1762 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a T
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1665 | 7.5 |
Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.
|
19-09-2017 - 01:30 | 03-05-2010 - 13:51 | |
CVE-2010-1409 | 5.8 |
Incomplete blacklist vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to trigger disclosure of data over IRC via vectors involving an IRC service po
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1405 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HT
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1395 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constru
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1394 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML docume
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1390 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to improper U
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1764 | 4.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, follows multiple redirections during form submission, which allows remote web servers to obtain sensitive information by recording the form
|
19-09-2017 - 01:30 | 11-06-2010 - 19:30 | |
CVE-2010-1393 | 4.3 |
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
CVE-2010-1784 | 9.3 |
The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 | |
CVE-2010-0051 | 4.3 |
WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651. Per: http://li
|
19-09-2017 - 01:30 | 15-03-2010 - 14:15 | |
CVE-2010-0046 | 9.3 |
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments. Per: http://
|
19-09-2017 - 01:30 | 15-03-2010 - 13:28 | |
CVE-2010-0647 | 9.3 |
WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a <ruby>><table><rt> sequence.
|
19-09-2017 - 01:30 | 18-02-2010 - 18:00 | |
CVE-2010-0054 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements. Per: http://lists.apple.com/archives/secur
|
19-09-2017 - 01:30 | 15-03-2010 - 14:15 | |
CVE-2010-0651 | 4.3 |
WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, whi
|
19-09-2017 - 01:30 | 18-02-2010 - 18:00 | |
CVE-2010-0049 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality. Per: http://lists.a
|
19-09-2017 - 01:30 | 15-03-2010 - 14:15 | |
CVE-2010-0053 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property. Pe
|
19-09-2017 - 01:30 | 15-03-2010 - 14:15 | |
CVE-2010-0656 | 4.3 |
WebKit before r51295, as used in Google Chrome before 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows attackers to obtain sensitive information or possibl
|
19-09-2017 - 01:30 | 18-02-2010 - 18:00 | |
CVE-2010-0052 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements." Per: http://lists.apple.com/a
|
19-09-2017 - 01:30 | 15-03-2010 - 14:15 | |
CVE-2009-2841 | 5.0 |
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs f
|
17-08-2017 - 01:30 | 13-11-2009 - 15:30 | |
CVE-2010-1766 | 7.5 |
Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory
|
07-02-2013 - 05:00 | 22-07-2010 - 05:42 | |
CVE-2010-1386 | 10.0 |
page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357.
|
23-08-2011 - 04:00 | 19-08-2010 - 22:00 | |
CVE-2010-2264 | 4.3 |
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle the :visited pseudo-class, which allows remote attackers to obta
|
18-03-2011 - 02:50 | 11-06-2010 - 19:30 | |
CVE-2010-1760 | 10.0 |
loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before r58409 does not properly handle credentials during a cross-origin synchronous request, which has unspecified impact and remote attack vectors, aka rd
|
18-03-2011 - 02:49 | 19-08-2010 - 22:00 | |
CVE-2010-0314 | 5.0 |
Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].hre
|
18-03-2011 - 02:46 | 14-01-2010 - 19:30 |