Vulnerabilities > Apple > Safari > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-24 CVE-2021-30861 Unspecified vulnerability in Apple Safari
A logic issue was addressed with improved state management.
local
low complexity
apple
5.5
2021-04-02 CVE-2021-1799 A port redirection issue was addressed with additional port validation.
network
low complexity
apple fedoraproject webkitgtk
6.5
2021-03-26 CVE-2020-7463 Use After Free vulnerability in multiple products
In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket.
local
low complexity
freebsd apple CWE-416
5.5
2021-02-16 CVE-2021-23841 NULL Pointer Dereference vulnerability in multiple products
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate.
5.9
2020-12-08 CVE-2020-9993 Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple products
The issue was addressed with improved UI handling.
network
low complexity
apple CWE-1021
4.3
2020-12-08 CVE-2020-9987 Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Safari
An inconsistent user interface issue was addressed with improved state management.
network
low complexity
apple CWE-1021
4.3
2020-12-08 CVE-2020-9945 Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple mac OS X
A spoofing issue existed in the handling of URLs.
network
low complexity
apple CWE-1021
4.3
2020-12-08 CVE-2020-9942 Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Safari
An inconsistent user interface issue was addressed with improved state management.
network
low complexity
apple CWE-1021
4.3
2020-10-27 CVE-2020-9860 Unspecified vulnerability in Apple Safari
A custom URL scheme handling issue was addressed with improved input validation.
network
low complexity
apple
5.4
2020-10-27 CVE-2020-3852 Incorrect Authorization vulnerability in Apple Safari
A logic issue was addressed with improved validation.
network
low complexity
apple CWE-863
5.3