Safari - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Safari
(Apple)

Repositories	https://github.com/WebKit/webkit
#Vulnerabilities	1430

Date	Id	Summary	Products	Score	Patch	Annotated
2020-04-01	CVE-2020-9784	A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1. A malicious iframe may use another website’s download settings.	Safari	N/A
2020-04-01	CVE-2020-3887	A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated.	Icloud, Ipad_os, Iphone_os, Itunes, Safari, Tvos	N/A
2020-04-01	CVE-2020-9783	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to code execution.	Icloud, Ipados, Iphone_os, Itunes, Safari, Tvos	N/A
2020-02-27	CVE-2020-3833	An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.5. Visiting a malicious website may lead to address bar spoofing.	Safari	N/A
2019-12-18	CVE-2019-8602	A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.	Icloud, Iphone_os, Itunes, Mac_os_x, Safari, Tvos, Watchos	N/A
2019-12-18	CVE-2019-8577	An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges.	Icloud, Iphone_os, Itunes, Mac_os_x, Safari, Tvos, Watchos	N/A
2020-02-03	CVE-2016-4676	A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote malicious user obtain sensitive information.	Mac_os_x, Safari	N/A
2017-02-20	CVE-2016-4764	An issue was discovered in certain Apple products. iOS before 10 is affected. Safari before 10 is affected. iTunes before 12.5.1 is affected. tvOS before 10 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.	Iphone_os, Itunes, Safari, Tvos	N/A
2019-04-03	CVE-2018-4386	Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.	Icloud, Iphone_os, Itunes, Safari, Tvos, Watchos	8.8
2019-12-18	CVE-2019-7285	A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.	Icloud, Iphone_os, Itunes, Safari, Tvos	N/A