This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:apple:safari |
| Detail | |||
|---|---|---|---|
| Vendor | Apple | First view | 2003-06-09 |
| Product | Safari | Last view | 2019-08-23 |
| Version | Type | Application | |
| Edition | |||
| Language | |||
| Update | |||
Activity : Overall
COMMON PLATFORM ENUMERATION : Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:/a:apple:safari:2.0 | 889 |
| cpe:/a:apple:safari:1.0 | 888 |
| cpe:/a:apple:safari:2.0.2 | 888 |
| cpe:/a:apple:safari:1.1 | 887 |
| cpe:/a:apple:safari:1.2 | 885 |
Related : CVE
This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 4.3 | 2019-08-23 | CVE-2019-15499 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4464 | Network | Medium | None Requ... | |
| 4 | 2019-04-03 | CVE-2018-4445 | Network | Low | Requires ... | |
| 6.8 | 2019-04-03 | CVE-2018-4443 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4442 | Network | Medium | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 6.8 | 2019-04-03 | CVE-2018-4441 | Network | Medium | None Requ... | |
| 4.3 | 2019-04-03 | CVE-2018-4440 | Network | Medium | None Requ... | |
| 4.3 | 2019-04-03 | CVE-2018-4439 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4438 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4437 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4416 | Network | Medium | None Requ... | |
| 4.3 | 2019-04-03 | CVE-2018-4409 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4392 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4386 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4382 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4378 | Network | Medium | None Requ... | |
| 4.3 | 2019-04-03 | CVE-2018-4377 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4376 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4375 | Network | Medium | None Requ... | |
| 4.3 | 2019-04-03 | CVE-2018-4374 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4373 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4372 | Network | Medium | None Requ... | |
| 4.3 | 2019-04-03 | CVE-2018-4362 | Network | Medium | None Requ... | |
| 6.8 | 2019-04-03 | CVE-2018-4361 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| % | id | Name |
|---|---|---|
| 49% (468) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 9% (91) | CWE-399 | Resource Management Errors |
| 8% (77) | CWE-20 | Improper Input Validation |
| 7% (75) | CWE-200 | Information Exposure |
| 7% (73) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| % | id | Name |
|---|---|---|
| 3% (37) | CWE-264 | Permissions, Privileges, and Access Controls |
| 1% (17) | CWE-189 | Numeric Errors |
| 1% (17) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 1% (13) | CWE-310 | Cryptographic Issues |
| 1% (12) | CWE-416 | Use After Free |
| 0% (8) | CWE-254 | Security Features |
| 0% (6) | CWE-362 | Race Condition |
| 0% (5) | CWE-287 | Improper Authentication |
| 0% (4) | CWE-284 | Access Control (Authorization) Issues |
| 0% (4) | CWE-255 | Credentials Management |
| 0% (4) | CWE-19 | Data Handling |
| 0% (3) | CWE-704 | Incorrect Type Conversion or Cast |
| 0% (3) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 0% (3) | CWE-16 | Configuration |
| 0% (2) | CWE-601 | URL Redirection to Untrusted Site ('Open Redirect') |
| 0% (2) | CWE-125 | Out-of-bounds Read |
| 0% (2) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 0% (2) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 0% (2) | CWE-17 | Code |
| 0% (1) | CWE-787 | Out-of-bounds Write |
SAINT Exploits
| Description | Link |
|---|---|
| Apple Safari parent.close() Invalid Pointer Code Execution | More info here |
| QuickTime RTSP Content-Type header buffer overflow | More info here |
| Safari WebKit floating point number buffer overflow | More info here |
| Apple Safari libxslt File Create | More info here |
Open Source Vulnerability Database (OSVDB)
This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 77621 | Google Chrome WebKit Cache Objects Image Handling Browsing History Disclosure |
| 77618 | Apple Safari WebKit Cache Objects Image Handling Browsing History Disclosure |
| 77605 | Apple Safari JavaScript Implementation getComputedStyle Method Page Handling ... |
| 76391 | Apple Safari WebKit Private Browsing Mode Cookie Block Bypass |
| 76390 | Apple Safari SSL Certificate Handling Unitialized Memory Access Remote Code E... |
| id | Description |
|---|---|
| 76389 | Apple Safari file:// URL Handling Remote Code Execution |
| 76388 | Apple Safari safari-extension:// URL Handling Traversal Remote Code Execution |
| 76353 | Apple iOS WebKit Inactive DOM Window Handling XSS |
| 75255 | Apple Safari WebKit HTML5 Drop and Drag Content Dragging Remote Information D... |
| 75254 | Apple Safari / iOS WebKit Attr.style Accessor Parsing Same Origin Policy Bypa... |
| 75253 | Apple Safari / iOS WebKit HTTP Basic Authentication Authorization HTTP Header... |
| 75013 | Apple Safari / iOS WebKit Cached Resources Cache Poisoning Remote DoS |
| 74451 | Apple Safari HTTPS Session HTTP Set-Cookie Header HSTS includeSubDomains Weak... |
| 74297 | Bugzilla Patch Attachment Raw Unified Viewing Mode XSS |
| 74019 | Apple Safari WebKit RSS Feed URL Handling Arbitrary File Disclosure |
| 74018 | Apple Safari WebKit Cross-origin Username URL Handling XSS |
| 74017 | Apple Safari WebKit libxslt Unspecified Arbitrary File Creation |
| 74016 | Apple Safari WebKit Unspecified Memory Corruption (2011-1797) |
| 74015 | Apple Safari WebKit Unspecified Memory Corruption (2011-1462) |
| 74014 | Apple Safari WebKit Unspecified Memory Corruption (2011-1457) |
| 74013 | Apple Safari WebKit Unspecified Memory Corruption (2011-1453) |
| 74012 | Apple Safari WebKit Unspecified Memory Corruption (2011-1288) |
| 74011 | Apple Safari WebKit Unspecified Memory Corruption (2011-0255) |
| 74010 | Apple Safari WebKit Unspecified Memory Corruption (2011-0254) |
| 74009 | Apple Safari WebKit Unspecified Memory Corruption (2011-0253) |
ExploitDB Exploits
| id | Description |
|---|---|
| 28081 | Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow |
| 22406 | Konqueror 4.7.3 Memory Corruption |
| 18446 | Webkit normalize bug for android 2.2 (CVE-2010-1759) |
| 17986 | Apple Safari file:// Arbitrary Code Execution |
| 17575 | Safari 5.0.5 SVG Remote Code Execution Exploit (DEP bypass) |
| id | Description |
|---|---|
| 17567 | Safari SVG DOM processing PoC |
| 15548 | Android 2.0/2.1 Use-After-Free Remote Code Execution on Webkit |
| 15423 | Android 2.0-2.1 Reverse Shell Exploit |
| 9160 | Multiple Web Browsers Denial of Service Exploit (1 bug to rule them all) |
OpenVAS Exploits
This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2012-11-21 | Name : Google Chrome Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Linux) File : nvt/gb_google_chrome_webcore_webkit_xss_vuln_lin.nasl |
| 2012-11-21 | Name : Google Chrome Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X) File : nvt/gb_google_chrome_webcore_webkit_xss_vuln_macosx.nasl |
| 2012-11-21 | Name : Google Chrome Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows) File : nvt/gb_google_chrome_webcore_webkit_xss_vuln_win.nasl |
| 2012-11-21 | Name : Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X) File : nvt/gb_apple_safari_webcore_webkit_xss_vuln_macosx.nasl |
| 2012-11-21 | Name : Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows) File : nvt/gb_apple_safari_webcore_webkit_xss_vuln_win.nasl |
| id | Description |
|---|---|
| 2012-11-19 | Name : Fedora Update for kdelibs FEDORA-2012-17388 File : nvt/gb_fedora_2012_17388_kdelibs_fc16.nasl |
| 2012-11-02 | Name : Apple Safari Multiple Vulnerabilities (APPLE-SA-2012-09-19-3) File : nvt/gb_apple_safari_mult_vuln_nov12_macosx.nasl |
| 2012-10-26 | Name : Ubuntu Update for webkit USN-1617-1 File : nvt/gb_ubuntu_USN_1617_1.nasl |
| 2012-10-03 | Name : Fedora Update for libxml2 FEDORA-2012-13824 File : nvt/gb_fedora_2012_13824_libxml2_fc16.nasl |
| 2012-10-01 | Name : Apple Safari Multiple Vulnerabilities - Oct 2012 (Mac OS X) File : nvt/gb_apple_safari_mult_vuln_oct12_macosx.nasl |
| 2012-09-27 | Name : Fedora Update for libxml2 FEDORA-2012-13820 File : nvt/gb_fedora_2012_13820_libxml2_fc17.nasl |
| 2012-09-17 | Name : Apple iTunes Multiple Vulnerabilities - Sep 12 (Windows) File : nvt/gb_apple_itunes_mult_vuln_sep12_win.nasl |
| 2012-08-09 | Name : Ubuntu Update for webkit USN-1524-1 File : nvt/gb_ubuntu_USN_1524_1.nasl |
| 2012-08-01 | Name : Apple Safari Multiple Vulnerabilities - Aug 2012 (Windows) File : nvt/gb_apple_safari_mult_vuln_aug12_win.nasl |
| 2012-07-30 | Name : CentOS Update for libxml2 CESA-2012:0016 centos4 File : nvt/gb_CESA-2012_0016_libxml2_centos4.nasl |
| 2012-07-30 | Name : CentOS Update for libxml2 CESA-2012:0017 centos5 File : nvt/gb_CESA-2012_0017_libxml2_centos5.nasl |
| 2012-07-30 | Name : Apple Safari Multiple Vulnerabilities - July 2012 (Mac OS X) File : nvt/gb_apple_safari_mult_vuln_jul12_macosx.nasl |
| 2012-07-13 | Name : VMSA-2012-0012 VMware ESXi update addresses several security issues. File : nvt/gb_VMSA-2012-0012.nasl |
| 2012-07-09 | Name : RedHat Update for libxml2 RHSA-2011:1749-03 File : nvt/gb_RHSA-2011_1749-03_libxml2.nasl |
| 2012-06-05 | Name : RedHat Update for webkitgtk RHSA-2011:0177-01 File : nvt/gb_RHSA-2011_0177-01_webkitgtk.nasl |
| 2012-05-24 | Name : Apple Safari Multiple Vulnerabilities - Oct 2011 (Windows) File : nvt/secpod_apple_safari_mult_vuln_win_oct11.nasl |
| 2012-05-18 | Name : Mac OS X Multiple Vulnerabilities (2012-002) File : nvt/gb_macosx_su12-002.nasl |
| 2012-05-18 | Name : Apple Safari Webkit Multiple Vulnerabilities - May 12 (Mac OS X) File : nvt/gb_apple_safari_webkit_mult_vuln_macosx_may12.nasl |
| 2012-05-18 | Name : Apple Safari Webkit Multiple Vulnerabilities - May 12 (Windows) File : nvt/gb_apple_safari_webkit_mult_vuln_win_may12.nasl |
| 2012-04-19 | Name : Opera Web Browser Select Object Denial Of Service Vulnerability (Mac OS X) File : nvt/gb_opera_select_dos_vuln_macosx.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0222 | Multiple Security Vulnerabilities in Apple iOS Severity : Category I - VMSKEY : V0061471 |
| 2015-A-0199 | Multiple Vulnerabilities in Apple Mac OS X Severity : Category I - VMSKEY : V0061337 |
| 2015-A-0158 | Multiple Vulnerabilities in Oracle Java SE Severity : Category I - VMSKEY : V0061089 |
| 2014-B-0083 | Multiple Vulnerabilities in Apple iOS Severity : Category I - VMSKEY : V0052903 |
| 2014-B-0048 | Multiple Security Vulnerabilities in Apple iOS Severity : Category I - VMSKEY : V0050015 |
| id | Description |
|---|---|
| 2014-B-0024 | Multiple Security Vulnerabilities in Apple iOS Severity : Category I - VMSKEY : V0046157 |
| 2013-A-0220 | Multiple Vulnerabilities in Mozilla Products Severity : Category I - VMSKEY : V0042380 |
| 2012-A-0153 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity : Category I - VMSKEY : V0033884 |
| 2012-A-0073 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0032171 |
| 2009-T-0021 | Microsoft Windows SearchPath Blended Threat Vulnerability Severity : Category II - VMSKEY : V0018776 |
Snort® IPS/IDS
This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| Date | Description |
|---|---|
| 2020-01-21 | Apple Webkit updateMinimumColumnHeight use-after-free attempt RuleID : 52486 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2020-01-21 | Apple Webkit updateMinimumColumnHeight use-after-free attempt RuleID : 52485 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-12-17 | Apple Safari WebKit handleIntrinsicCall type confusion attempt RuleID : 52245 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-12-17 | Apple Safari WebKit handleIntrinsicCall type confusion attempt RuleID : 52244 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-11-26 | WebKit WebCore handleMenuItemSelected use after free attempt RuleID : 52003 - Type : BROWSER-WEBKIT - Revision : 1 |
| Date | Description |
|---|---|
| 2019-11-26 | WebKit WebCore handleMenuItemSelected use after free attempt RuleID : 52002 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-10-08 | Apple Safari memory corruption attempt RuleID : 51416 - Type : BROWSER-WEBKIT - Revision : 2 |
| 2019-10-08 | Apple Safari memory corruption attempt RuleID : 51415 - Type : BROWSER-WEBKIT - Revision : 2 |
| 2019-10-01 | Apple Safari WebKit out-of-bounds write attempt RuleID : 51392 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-10-01 | Apple Safari WebKit out-of-bounds write attempt RuleID : 51391 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-10-01 | Apple Safari JSValues type confusion attempt RuleID : 51389 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-10-01 | Apple Safari JSValues type confusion attempt RuleID : 51388 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-10-01 | WebKit GetIndexedPropertyStorage memory corruption attempt RuleID : 51386 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-10-01 | WebKit GetIndexedPropertyStorage memory corruption attempt RuleID : 51385 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-07-04 | Apple Webkit updateDescendantDependentFlags use-after-free attempt RuleID : 50294 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-07-04 | Apple Webkit updateDescendantDependentFlags use-after-free attempt RuleID : 50293 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-07-02 | Apple Webkit updateMinimumColumnHeight use-after-free attempt RuleID : 50192 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-07-02 | Apple Webkit updateMinimumColumnHeight use-after-free attempt RuleID : 50191 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-06-22 | Apple Webkit SVGTextLayoutAttributes use-after-free attempt RuleID : 50161 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-06-22 | Apple Webkit SVGTextLayoutAttributes use-after-free attempt RuleID : 50160 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-06-06 | Apple WebKit updateReferencedText use-after-free attempt RuleID : 50034 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2019-06-06 | Apple WebKit updateReferencedText use-after-free attempt RuleID : 50033 - Type : BROWSER-WEBKIT - Revision : 1 |
| 2018-08-04 | Microsoft Edge proxy object type confusion attempt RuleID : 47083 - Type : BROWSER-IE - Revision : 2 |
| 2018-08-04 | Microsoft Edge proxy object type confusion attempt RuleID : 47082 - Type : BROWSER-IE - Revision : 2 |
| 2018-07-26 | Apple WebKit memory corruption attempt RuleID : 47023 - Type : BROWSER-WEBKIT - Revision : 1 |
Nessus® Vulnerability Scanner
This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-e2e8a07a01.nasl - Type : ACT_GATHER_INFO |
| 2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-97c58e29e4.nasl - Type : ACT_GATHER_INFO |
| 2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-499f2dbc96.nasl - Type : ACT_GATHER_INFO |
| 2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-a1f37d2f08.nasl - Type : ACT_GATHER_INFO |
| 2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-509fc4a5c8.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-118b9abf99.nasl - Type : ACT_GATHER_INFO |
| 2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-1a8582a7ee.nasl - Type : ACT_GATHER_INFO |
| 2018-12-21 | Name : The remote Apple TV device is affected by multiple vulnerabilities. File : appletv_12_1_1.nasl - Type : ACT_GATHER_INFO |
| 2018-12-19 | Name : An application installed on remote host is affected by multiple vulnerabilities File : itunes_12_9_2.nasl - Type : ACT_GATHER_INFO |
| 2018-12-07 | Name : A web browser installed on the remote macOS or Mac OS X host is affected by m... File : macosx_Safari12_0_2.nasl - Type : ACT_GATHER_INFO |
| 2018-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201812-04.nasl - Type : ACT_GATHER_INFO |
| 2018-11-02 | Name : An application installed on the remote host is affected by multiple vulnerabi... File : itunes_12_9_1.nasl - Type : ACT_GATHER_INFO |
| 2018-11-02 | Name : An application installed on the remote host is affected by multiple vulnerabi... File : itunes_12_9_1_banner.nasl - Type : ACT_GATHER_INFO |
| 2018-11-02 | Name : The remote Apple TV device is affected by multiple vulnerabilities. File : appletv_12_1.nasl - Type : ACT_GATHER_INFO |
| 2018-10-31 | Name : A web browser installed on the remote macOS or Mac OS X host is affected by m... File : macosx_Safari12_0_1.nasl - Type : ACT_GATHER_INFO |
| 2018-10-02 | Name : An application installed on the remote host is affected by multiple vulnerabi... File : itunes_12_8_banner.nasl - Type : ACT_GATHER_INFO |
| 2018-10-02 | Name : An application installed on the remote host is affected by multiple vulnerabi... File : itunes_12_9.nasl - Type : ACT_GATHER_INFO |
| 2018-10-02 | Name : An application installed on the remote host is affected by multiple vulnerabi... File : itunes_12_9_banner.nasl - Type : ACT_GATHER_INFO |
| 2018-09-24 | Name : The remote Fedora host is missing a security update. File : fedora_2018-4a16e37c81.nasl - Type : ACT_GATHER_INFO |
| 2018-09-20 | Name : A web browser installed on the remote macOS or Mac OS X host is affected by m... File : macosx_safari12.nasl - Type : ACT_GATHER_INFO |
| 2018-08-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201808-01.nasl - Type : ACT_GATHER_INFO |
| 2018-08-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201808-04.nasl - Type : ACT_GATHER_INFO |
| 2018-07-30 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_b9c525d9919811e8beba080027ef1a23.nasl - Type : ACT_GATHER_INFO |
| 2018-07-27 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4256.nasl - Type : ACT_GATHER_INFO |
| 2018-07-17 | Name : The remote host is missing a macOS update that fixes multiple security vulner... File : macos_10_13_6.nasl - Type : ACT_GATHER_INFO |
