Vulnerabilities > Apple > Safari > 2.0

DATE CVE VULNERABILITY TITLE RISK
2014-12-10 CVE-2014-4468 Resource Management Errors vulnerability in Apple products
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
network
apple CWE-399
6.8
2014-12-10 CVE-2014-4466 Resource Management Errors vulnerability in Apple products
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.
network
low complexity
apple CWE-399
7.5
2014-12-10 CVE-2014-4465 Improper Input Validation vulnerability in Apple Iphone OS, Safari and Tvos
WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element.
network
low complexity
apple CWE-20
5.0
2014-08-14 CVE-2014-1390 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
network
apple CWE-119
6.8
2014-08-14 CVE-2014-1389 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
network
apple CWE-119
6.8
2014-08-14 CVE-2014-1388 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
network
apple CWE-119
6.8
2014-08-14 CVE-2014-1387 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
network
apple CWE-119
6.8
2014-08-14 CVE-2014-1386 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
network
apple CWE-119
6.8
2014-08-14 CVE-2014-1385 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
network
apple CWE-119
6.8
2014-08-14 CVE-2014-1384 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367.
network
apple CWE-119
6.8