Vulnerabilities > Apple > Webkit > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-20 | CVE-2017-7038 | Cross-site Scripting vulnerability in Apple products A DOMParser XSS issue was discovered in certain Apple products. | 6.1 |
| 2017-07-20 | CVE-2017-7006 | Information Exposure Through Discrepancy vulnerability in Apple products An issue was discovered in certain Apple products. | 5.3 |
| 2016-07-22 | CVE-2016-4592 | Resource Exhaustion vulnerability in multiple products WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site. | 6.5 |
| 2016-07-22 | CVE-2016-4590 | Improper Input Validation vulnerability in Apple Safari WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. | 5.4 |
| 2016-07-22 | CVE-2016-4587 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Webkit WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site. | 6.5 |
| 2016-07-22 | CVE-2016-4585 | Cross-site Scripting vulnerability in Apple Webkit Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari. | 6.1 |