This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Apple First view 2003-06-09
Product Safari Last view 2021-10-19
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* 1214
cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:* 1179
cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:* 1178
cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:* 1177
cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:* 1176
cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:* 1175
cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:* 1173
cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:* 1173
cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:* 1172
cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:* 1171
cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:* 1170
cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:* 1169
cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:* 1168
cpe:2.3:a:apple:safari:0.9:*:*:*:*:*:*:* 1168
cpe:2.3:a:apple:safari:0.8:*:*:*:*:*:*:* 1168
cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:* 1168
cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:* 1167
cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:* 1165
cpe:2.3:a:apple:safari:3.0.1:*:windows:*:*:*:*:* 1165
cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:* 1165
cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:* 1165
cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:* 1164
cpe:2.3:a:apple:safari:3.0:*:windows:*:*:*:*:* 1161
cpe:2.3:a:apple:safari:2.0.4_419.3:*:*:*:*:*:*:* 1161
cpe:2.3:a:apple:safari:beta2:*:*:*:*:*:*:* 1161
cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:* 1160
cpe:2.3:a:apple:safari:3.0.2:*:windows:*:*:*:*:* 1160
cpe:2.3:a:apple:safari:*:*:windows:*:*:*:*:* 1159
cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:* 1159
cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:* 1159
cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:* 1159
cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:* 1159
cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:* 1159
cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:* 1159
cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:* 1159
cpe:2.3:a:apple:safari:2.0.3_417.9.3:*:mac_os_x_10.4.6:*:*:*:*:* 1159
cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:* 1159
cpe:2.3:a:apple:safari:2.0_pre:*:*:*:*:*:*:* 1159
cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:* 1158
cpe:2.3:a:apple:safari:1.3.2:312.5:*:*:*:*:*:* 1158
cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:* 1158
cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:* 1158
cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:* 1158
cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:* 1158
cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:* 1158
cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:* 1158
cpe:2.3:a:apple:safari:1.0.3:85.8.1:*:*:*:*:*:* 1158
cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:* 1158
cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:* 1158
cpe:2.3:a:apple:safari:1.3.2:312.6:*:*:*:*:*:* 1158

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2021-10-19 CVE-2021-30846

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8 2021-09-08 CVE-2021-30797

This issue was addressed with improved checks. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to code execution.

8.8 2021-09-08 CVE-2021-30795

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8 2021-09-08 CVE-2021-30758

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.7, Safari 14.1.2, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8 2021-09-08 CVE-2021-30749

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution.

6.1 2021-09-08 CVE-2021-30744

Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.

8.8 2021-09-08 CVE-2021-30734

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to arbitrary code execution.

5.4 2021-09-08 CVE-2021-30720

A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious website may be able to access restricted ports on arbitrary servers.

7.5 2021-09-08 CVE-2021-30698

A null pointer dereference was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, Safari 14.1.1, iOS 14.6 and iPadOS 14.6. A remote attacker may be able to cause a denial of service.

6.1 2021-09-08 CVE-2021-30689

A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. Processing maliciously crafted web content may lead to universal cross site scripting.

5.5 2021-09-08 CVE-2021-30682

A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information.

8.8 2021-09-08 CVE-2021-30663

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8 2021-09-08 CVE-2021-30661

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..

6.1 2021-09-08 CVE-2021-1825

An input validation issue was addressed with improved input validation. This issue is fixed in iTunes 12.11.3 for Windows, iCloud for Windows 12.3, macOS Big Sur 11.3, Safari 14.1, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may lead to a cross site scripting attack.

8.8 2021-04-02 CVE-2021-1844

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution.

6.5 2021-04-02 CVE-2021-1799

A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on arbitrary servers.

8.8 2021-04-02 CVE-2021-1788

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution.

5.5 2021-03-26 CVE-2020-7463

In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, improper handling in the kernel causes a use-after-free bug by sending large user messages from multiple threads on the same SCTP socket. The use-after-free situation may result in unintended kernel behaviour including a kernel panic.

5.9 2021-02-16 CVE-2021-23841

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).

4.3 2020-12-08 CVE-2020-9993

The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Visiting a malicious website may lead to address bar spoofing.

4.3 2020-12-08 CVE-2020-9987

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 14.0. Visiting a malicious website may lead to address bar spoofing.

8.8 2020-12-08 CVE-2020-9950

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, tvOS 14.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8 2020-12-08 CVE-2020-9947

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.

4.3 2020-12-08 CVE-2020-9945

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, Safari 14.0.1. Visiting a malicious website may lead to address bar spoofing.

4.3 2020-12-08 CVE-2020-9942

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, Safari 13.1.2. Visiting a malicious website may lead to address bar spoofing.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
39% (457) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (98) CWE-787 Out-of-bounds Write
7% (92) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
7% (90) CWE-20 Improper Input Validation
7% (88) CWE-399 Resource Management Errors
7% (87) CWE-416 Use After Free
6% (80) CWE-200 Information Exposure
3% (36) CWE-264 Permissions, Privileges, and Access Controls
1% (17) CWE-94 Failure to Control Generation of Code ('Code Injection')
1% (15) CWE-189 Numeric Errors
0% (10) CWE-310 Cryptographic Issues
0% (10) CWE-125 Out-of-bounds Read
0% (7) CWE-362 Race Condition
0% (6) CWE-704 Incorrect Type Conversion or Cast
0% (6) CWE-287 Improper Authentication
0% (6) CWE-254 Security Features
0% (5) CWE-346 Origin Validation Error
0% (5) CWE-190 Integer Overflow or Wraparound
0% (4) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
0% (4) CWE-255 Credentials Management
0% (4) CWE-19 Data Handling
0% (3) CWE-284 Access Control (Authorization) Issues
0% (3) CWE-16 Configuration
0% (2) CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
0% (2) CWE-522 Insufficiently Protected Credentials

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:8509 Blended Threat Remote Code Execution Vulnerability
oval:org.mitre.oval:def:6108 Blended Threat Remote Code Execution Vulnerability
oval:org.mitre.oval:def:5782 Blended Threat Elevation of Privilege Vulnerability
oval:org.mitre.oval:def:6091 Apple Safari Malformed URI Remote Denial of Service Vulnerability
oval:org.mitre.oval:def:6066 Apple Safari Malformed URI Remote Denial of Service Vulnerability
oval:org.mitre.oval:def:5559 Apple Safari Denial of Service Vulnerability
oval:org.mitre.oval:def:8224 DSA-1784 freetype -- integer overflows
oval:org.mitre.oval:def:13797 USN-767-1 -- freetype vulnerability
oval:org.mitre.oval:def:13395 DSA-1784-1 freetype -- integer overflows
oval:org.mitre.oval:def:10149 Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attacke...
oval:org.mitre.oval:def:22787 ELSA-2009:1061: freetype security update (Important)
oval:org.mitre.oval:def:29091 RHSA-2009:1061 -- freetype security update (Important)
oval:org.mitre.oval:def:11584 Array index error in the insertItemBefore method in WebKit, as used in Apple ...
oval:org.mitre.oval:def:8086 DSA-1867 kdelibs -- several vulnerabilities
oval:org.mitre.oval:def:7524 DSA-1868 kde4libs -- several vulnerabilities
oval:org.mitre.oval:def:13290 DSA-1867-1 kdelibs -- several vulnerabilities
oval:org.mitre.oval:def:13176 DSA-1868-1 kde4libs -- several vulnerabilities
oval:org.mitre.oval:def:10260 The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone...
oval:org.mitre.oval:def:11009 Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, i...
oval:org.mitre.oval:def:9484 WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS...
oval:org.mitre.oval:def:13862 USN-822-1 -- kde4libs, kdelibs vulnerabilities
oval:org.mitre.oval:def:22057 ELSA-2009:1127: kdelibs security update (Critical)
oval:org.mitre.oval:def:29301 RHSA-2009:1127 -- kdelibs security update (Critical)
oval:org.mitre.oval:def:8135 DSA-1866 kdegraphics -- several vulnerabilities
oval:org.mitre.oval:def:13597 DSA-1866-1 kdegraphics -- several vulnerabilities

SAINT Exploits

Description Link
Apple Safari parent.close() Invalid Pointer Code Execution More info here
QuickTime RTSP Content-Type header buffer overflow More info here
Safari WebKit floating point number buffer overflow More info here
Apple Safari libxslt File Create More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78547 Google Chrome Tree Builder Remote Overflow
78545 Google Chrome Use-after-free DOM Handling Unspecified Remote DoS
78544 Google Chrome Use-after-free DOM Selections Unspecified Remote DoS
77715 Google Chrome Range Handling Use-after-free Remote Code Execution
77711 Google Chrome CSS Property Array Unspecified Remote Memory Corruption
77710 Google Chrome SVG Parsing Out-of-bounds Read Remote DoS
77621 Google Chrome WebKit Cache Objects Image Handling Browsing History Disclosure
77618 Apple Safari WebKit Cache Objects Image Handling Browsing History Disclosure
77605 Apple Safari JavaScript Implementation getComputedStyle Method Page Handling ...
77037 Google Chrome Editing Unspecified Use-after-free Remote Issue
76559 Google Chrome Use-after-free Plug-ins and Editing Remote Code Execution
76558 Google Chrome Javascript URI Cookie Disclosure
76556 Google Chrome Multiple Use-after-free Stale Style Sheet Handling Remote Code ...
76552 Google Chrome Multiple Unspecified Same Origin Policy Bypass
76545 Google Chrome History Handling URL Bar Spoofing
76391 Apple Safari WebKit Private Browsing Mode Cookie Block Bypass
76390 Apple Safari SSL Certificate Handling Unitialized Memory Access Remote Code E...
76389 Apple Safari file:// URL Handling Remote Code Execution
76388 Apple Safari safari-extension:// URL Handling Traversal Remote Code Execution
76353 Apple iOS WebKit Inactive DOM Window Handling XSS
76062 Google Chrome Stale Font SVG Text Handling Remote Code Execution
75562 Google Chrome Use-after-free Table Style Handling Remote Code Execution
75559 Google Chrome Use-after-free Focus Controller Remote Code Execution
75557 Google Chrome Stale Node Stylesheet Handling Remote Code Execution
75556 Google Chrome Use-after-free ruby / table Style Handling Remote Code Execution

ExploitDB Exploits

id Description
28081 Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow
22406 Konqueror 4.7.3 Memory Corruption
18446 Webkit normalize bug for android 2.2 (CVE-2010-1759)
17986 Apple Safari file:// Arbitrary Code Execution
17575 Safari 5.0.5 SVG Remote Code Execution Exploit (DEP bypass)
17567 Safari SVG DOM processing PoC
15548 Android 2.0/2.1 Use-After-Free Remote Code Execution on Webkit
15423 Android 2.0-2.1 Reverse Shell Exploit
14422 libpng <= 1.4.2 Denial of Service Vulnerability

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0374-1 (update)
File : nvt/gb_suse_2012_0374_1.nasl
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update)
File : nvt/gb_suse_2012_0466_1.nasl
2012-11-21 Name : Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X)
File : nvt/gb_apple_safari_webcore_webkit_xss_vuln_macosx.nasl
2012-11-21 Name : Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)
File : nvt/gb_apple_safari_webcore_webkit_xss_vuln_win.nasl
2012-11-21 Name : Google Chrome Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Linux)
File : nvt/gb_google_chrome_webcore_webkit_xss_vuln_lin.nasl
2012-11-21 Name : Google Chrome Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X)
File : nvt/gb_google_chrome_webcore_webkit_xss_vuln_macosx.nasl
2012-11-21 Name : Google Chrome Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)
File : nvt/gb_google_chrome_webcore_webkit_xss_vuln_win.nasl
2012-11-19 Name : Fedora Update for kdelibs FEDORA-2012-17388
File : nvt/gb_fedora_2012_17388_kdelibs_fc16.nasl
2012-11-02 Name : Apple Safari Multiple Vulnerabilities (APPLE-SA-2012-09-19-3)
File : nvt/gb_apple_safari_mult_vuln_nov12_macosx.nasl
2012-10-26 Name : Ubuntu Update for webkit USN-1617-1
File : nvt/gb_ubuntu_USN_1617_1.nasl
2012-10-03 Name : Fedora Update for libxml2 FEDORA-2012-13824
File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl
2012-10-01 Name : Apple Safari Multiple Vulnerabilities - Oct 2012 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_oct12_macosx.nasl
2012-09-27 Name : Fedora Update for libxml2 FEDORA-2012-13820
File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl
2012-09-17 Name : Apple iTunes Multiple Vulnerabilities - Sep 12 (Windows)
File : nvt/gb_apple_itunes_mult_vuln_sep12_win.nasl
2012-08-09 Name : Ubuntu Update for webkit USN-1524-1
File : nvt/gb_ubuntu_USN_1524_1.nasl
2012-08-01 Name : Apple Safari Multiple Vulnerabilities - Aug 2012 (Windows)
File : nvt/gb_apple_safari_mult_vuln_aug12_win.nasl
2012-07-30 Name : CentOS Update for libxml2 CESA-2012:0016 centos4
File : nvt/gb_CESA-2012_0016_libxml2_centos4.nasl
2012-07-30 Name : CentOS Update for libxml2 CESA-2012:0017 centos5
File : nvt/gb_CESA-2012_0017_libxml2_centos5.nasl
2012-07-30 Name : Apple Safari Multiple Vulnerabilities - July 2012 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_jul12_macosx.nasl
2012-07-13 Name : VMSA-2012-0012 VMware ESXi update addresses several security issues.
File : nvt/gb_VMSA-2012-0012.nasl
2012-07-09 Name : RedHat Update for libxml2 RHSA-2011:1749-03
File : nvt/gb_RHSA-2011_1749-03_libxml2.nasl
2012-06-05 Name : RedHat Update for webkitgtk RHSA-2011:0177-01
File : nvt/gb_RHSA-2011_0177-01_webkitgtk.nasl
2012-05-31 Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium13.nasl
2012-05-31 Name : Gentoo Security Advisory GLSA 201205-01 (chromium)
File : nvt/glsa_201205_01.nasl
2012-05-24 Name : Apple Safari Multiple Vulnerabilities - Oct 2011 (Windows)
File : nvt/secpod_apple_safari_mult_vuln_win_oct11.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0222 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0061471
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2015-A-0158 Multiple Vulnerabilities in Oracle Java SE
Severity: Category I - VMSKEY: V0061089
2014-B-0083 Multiple Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0052903
2014-B-0048 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0050015
2014-B-0024 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0046157
2012-A-0153 Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity: Category I - VMSKEY: V0033884
2012-A-0073 Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity: Category I - VMSKEY: V0032171
2009-T-0021 Microsoft Windows SearchPath Blended Threat Vulnerability
Severity: Category II - VMSKEY: V0018776

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2021-01-12 file URI redirect attempt
RuleID : 56580 - Type : POLICY-OTHER - Revision : 1
2020-11-19 Apple Safari WebKit Webcore SVGAnimateElementBase use after free attempt
RuleID : 56044 - Type : BROWSER-WEBKIT - Revision : 1
2020-11-19 Apple Safari WebKit Webcore SVGAnimateElementBase use after free attempt
RuleID : 56043 - Type : BROWSER-WEBKIT - Revision : 1
2020-11-19 Apple Safari Webkit attribute child removal code execution attempt
RuleID : 56042 - Type : BROWSER-WEBKIT - Revision : 1
2020-11-18 Apple Safari WebKit JSPropertyNameEnumeration type confusion attempt
RuleID : 56009 - Type : BROWSER-WEBKIT - Revision : 1
2020-11-18 Apple Safari WebKit JSPropertyNameEnumeration type confusion attempt
RuleID : 56008 - Type : BROWSER-WEBKIT - Revision : 1
2020-10-22 Apple Safari WebKit HTMLFrameElementBase isURLAllowed Subframe exploit attempt
RuleID : 55799 - Type : FILE-OTHER - Revision : 1
2020-10-22 Apple Safari WebKit HTMLFrameElementBase isURLAllowed Subframe exploit attempt
RuleID : 55798 - Type : FILE-OTHER - Revision : 1
2020-10-06 WebKit AudioArray allocate out of bounds access attempt
RuleID : 55013 - Type : BROWSER-WEBKIT - Revision : 1
2020-10-06 WebKit AudioArray allocate out of bounds access attempt
RuleID : 55012 - Type : BROWSER-WEBKIT - Revision : 1
2020-09-02 WebKit JIT compiler common subexpression elimination out of bounds access att...
RuleID : 54666 - Type : BROWSER-WEBKIT - Revision : 2
2020-09-02 WebKit JIT compiler common subexpression elimination out of bounds access att...
RuleID : 54665 - Type : BROWSER-WEBKIT - Revision : 2
2020-06-13 WebKit use-after-free remote code execution attempt
RuleID : 53976 - Type : BROWSER-WEBKIT - Revision : 1
2020-04-21 Apple Safari WebKit JavaScript engine type confusion attempt
RuleID : 53474 - Type : BROWSER-WEBKIT - Revision : 1
2020-04-21 Apple Safari WebKit JavaScript engine type confusion attempt
RuleID : 53473 - Type : BROWSER-WEBKIT - Revision : 1
2020-03-19 Apple Safari WebKit cached page memory corruption attempt
RuleID : 53122 - Type : BROWSER-WEBKIT - Revision : 1
2020-03-19 Apple Safari WebKit cached page memory corruption attempt
RuleID : 53121 - Type : BROWSER-WEBKIT - Revision : 1
2020-03-17 Apple Safari Webkit WebCore memory corruption attempt
RuleID : 53101 - Type : BROWSER-WEBKIT - Revision : 1
2020-03-17 Apple Safari Webkit WebCore memory corruption attempt
RuleID : 53100 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-21 Apple Webkit updateMinimumColumnHeight use-after-free attempt
RuleID : 52486 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-21 Apple Webkit updateMinimumColumnHeight use-after-free attempt
RuleID : 52485 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03 Apple Safari WebKit out-of-bounds read attempt
RuleID : 52342 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03 Apple Safari WebKit out-of-bounds read attempt
RuleID : 52341 - Type : BROWSER-WEBKIT - Revision : 1
2019-12-24 Mutiple products libpng extra row heap overflow attempt
RuleID : 52307 - Type : FILE-IMAGE - Revision : 1
2019-12-24 Mutiple products libpng extra row heap overflow attempt
RuleID : 52306 - Type : FILE-IMAGE - Revision : 1

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-118b9abf99.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-1a8582a7ee.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-499f2dbc96.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-509fc4a5c8.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-97c58e29e4.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-a1f37d2f08.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-e2e8a07a01.nasl - Type: ACT_GATHER_INFO
2018-12-21 Name: The remote Apple TV device is affected by multiple vulnerabilities.
File: appletv_12_1_1.nasl - Type: ACT_GATHER_INFO
2018-12-19 Name: An application installed on remote host is affected by multiple vulnerabilities
File: itunes_12_9_2.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: A web browser installed on the remote macOS or Mac OS X host is affected by m...
File: macosx_Safari12_0_2.nasl - Type: ACT_GATHER_INFO
2018-12-03 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201812-04.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote Apple TV device is affected by multiple vulnerabilities.
File: appletv_12_1.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_9_1.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_9_1_banner.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: A web browser installed on the remote macOS or Mac OS X host is affected by m...
File: macosx_Safari12_0_1.nasl - Type: ACT_GATHER_INFO
2018-10-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_8_banner.nasl - Type: ACT_GATHER_INFO
2018-10-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_9.nasl - Type: ACT_GATHER_INFO
2018-10-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_9_banner.nasl - Type: ACT_GATHER_INFO
2018-09-24 Name: The remote Fedora host is missing a security update.
File: fedora_2018-4a16e37c81.nasl - Type: ACT_GATHER_INFO
2018-09-20 Name: A web browser installed on the remote macOS or Mac OS X host is affected by m...
File: macosx_safari12.nasl - Type: ACT_GATHER_INFO
2018-08-23 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201808-01.nasl - Type: ACT_GATHER_INFO
2018-08-23 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201808-04.nasl - Type: ACT_GATHER_INFO
2018-07-30 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_b9c525d9919811e8beba080027ef1a23.nasl - Type: ACT_GATHER_INFO
2018-07-27 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4256.nasl - Type: ACT_GATHER_INFO
2018-07-17 Name: The remote host is missing a macOS update that fixes multiple security vulner...
File: macos_10_13_6.nasl - Type: ACT_GATHER_INFO