Vulnerabilities > Apple > Safari > 18
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-17 | CVE-2024-40857 | Cross-site Scripting vulnerability in Apple products This issue was addressed through improved state management. | 6.1 |
| 2024-09-17 | CVE-2024-40866 | Unspecified vulnerability in Apple Macos The issue was addressed with improved UI. | 6.5 |
| 2024-09-17 | CVE-2024-44187 | Origin Validation Error vulnerability in Apple products A cross-origin issue existed with "iframe" elements. | 6.5 |
| 2017-04-03 | CVE-2016-10226 | Out-of-bounds Read vulnerability in Apple Safari 18 JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to assembler/MacroAssemblerARM64.h, assembler/MacroAssemblerX86Common.h, and wasm/WasmB3IRGenerator.cpp. | 7.5 |
| 2017-04-03 | CVE-2016-10222 | Improper Input Validation vulnerability in Apple Safari 18 runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion" in the JSON.stringify function. | 7.5 |