Vulnerabilities > Apple > Safari > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-07-21 | CVE-2011-1774 | Improper Input Validation vulnerability in Apple Safari and Webkit WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. | 8.8 |
2011-05-03 | CVE-2011-1451 | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." | 7.5 |
2011-03-25 | CVE-2011-1296 | Improper Input Validation vulnerability in Google Chrome Google Chrome before 10.0.648.204 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 7.5 |
2011-03-25 | CVE-2011-1295 | Improper Input Validation vulnerability in Google Chrome WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors. | 7.5 |
2011-03-25 | CVE-2011-1293 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in the HTMLCollection implementation in Google Chrome before 10.0.648.204 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 7.5 |
2011-03-11 | CVE-2011-1203 | Multiple Security vulnerability in Google Chrome Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." | 7.5 |
2011-03-11 | CVE-2011-1188 | Multiple Security vulnerability in Google Chrome Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. | 7.5 |
2011-03-03 | CVE-2011-0132 | Resource Management Errors vulnerability in Apple Itunes, Safari and Webkit Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 7.6 |
2011-03-03 | CVE-2011-0115 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes, Safari and Webkit The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. | 7.6 |
2011-03-01 | CVE-2011-1121 | Integer Overflow OR Wraparound vulnerability in Google Chrome Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. | 7.5 |