Vulnerabilities > Apple > Safari > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-23	CVE-2024-23211	Unspecified vulnerability in Apple products A privacy issue was addressed with improved handling of user preferences. local low complexity apple	3.3
2020-10-16	CVE-2020-9912	Unspecified vulnerability in Apple Safari A logic issue was addressed with improved restrictions. local low complexity apple	2.1
2020-04-01	CVE-2020-3894	Race Condition vulnerability in Apple products A race condition was addressed with additional validation. network high complexity apple CWE-362	2.6
2017-07-20	CVE-2017-7006	Information Exposure Through Discrepancy vulnerability in Apple products An issue was discovered in certain Apple products. network high complexity apple CWE-203	2.6
2017-04-02	CVE-2017-2385	Information Exposure vulnerability in Apple Safari An issue was discovered in certain Apple products. local low complexity apple CWE-200	2.1
2017-02-20	CVE-2016-7650	Cross-site Scripting vulnerability in Apple Iphone OS and Safari An issue was discovered in certain Apple products. network high complexity apple CWE-79	2.6
2016-07-22	CVE-2016-4583	Race Condition vulnerability in multiple products WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document. network high complexity apple webkitgtk CWE-362	2.6
2016-05-20	CVE-2016-1849	Information Exposure vulnerability in Apple Iphone OS and Safari The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before 9.3.2 and other products, mishandles the deletion of browsing history, which might allow local users to obtain sensitive information by leveraging read access to a Safari directory. local low complexity apple CWE-200	2.1
2015-08-17	CVE-2015-5748	Code vulnerability in Apple Iphone OS, mac OS X and Safari The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local users to cause a denial of service via a crafted volume. local low complexity apple CWE-17	2.1
2015-05-21	CVE-2015-4000	Cryptographic Issues vulnerability in multiple products The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. network high complexity openssl canonical hp ibm oracle debian suse apple mozilla opera microsoft google CWE-310	3.7