Every CVE whose affected-product data names Apple Safari, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2007-2843 — CVSS 10.0 (critical): Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted information from other domains via…
CVE-2010-1120 — CVSS 10.0 (critical): Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows remote attackers to execute arbitrary code via unknown vectors, as…
CVE-2009-0137 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Safari RSS in Apple Mac OS X 10.4.11 and 10.5.6, and Windows XP and Vista, allow remote attackers…
CVE-2008-3529 — CVSS 10.0 (critical): Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers…
CVE-2008-2303 — CVSS 10.0 (critical): Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitrary code…
CVE-2011-3046 — CVSS 10.0 (critical): The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to…
CVE-2010-1119 — CVSS 10.0 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X…
CVE-2015-5780 — CVSS 10.0 (critical): The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation before replacing an installed extension…
CVE-2014-1303 — CVSS 10.0 (critical): Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection…
CVE-2014-1300 — CVSS 10.0 (critical): Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown…
CVE-2010-3116 — CVSS 10.0 (critical): Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before…
CVE-2025-30466 — CVSS 9.8 (critical): This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia…
CVE-2025-24264 — CVSS 9.8 (critical): The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS…
CVE-2017-5949 — CVSS 9.8 (critical): JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote attackers to cause a denial of service…
CVE-2025-43526 — CVSS 9.8 (critical): This issue was addressed with improved URL validation. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. On a Mac with Lockdown Mode…
CVE-2010-1205 — CVSS 9.8 (critical): Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote…
CVE-2019-8749 — CVSS 9.8 (critical): Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13…
CVE-2020-9895 — CVSS 9.8 (critical): A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS…
CVE-2023-40414 — CVSS 9.8 (critical): A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17…
CVE-2025-24167 — CVSS 9.8 (critical): This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia…
CVE-2023-28201 — CVSS 9.8 (critical): This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4…
CVE-2025-43343 — CVSS 9.8 (critical): The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26…
CVE-2025-43342 — CVSS 9.8 (critical): A correctness issue was addressed with improved checks. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26…
CVE-2022-32863 — CVSS 9.8 (critical): A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS Monterey 12.5. Processing…
CVE-2018-4147 — CVSS 9.8 (critical): In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption…
CVE-2020-9850 — CVSS 9.8 (critical): A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari…
CVE-2017-17821 — CVSS 9.8 (critical): WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of…
CVE-2024-54534 — CVSS 9.8 (critical): The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS…
CVE-2024-4558 — CVSS 9.6 (critical): Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2016-4734 — CVSS 9.6 (critical): WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2019-8562 — CVSS 9.6 (critical): A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4…
CVE-2010-3822 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses an uninitialized…
CVE-2010-3823 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X…
CVE-2010-3824 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X…
CVE-2010-3826 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform…
CVE-2010-1383 — CVSS 9.3 (critical): CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of…
CVE-2010-0046 — CVSS 9.3 (critical): The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or…
CVE-2010-0045 — CVSS 9.3 (critical): Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows remote attackers to open local files and…
CVE-2010-0043 — CVSS 9.3 (critical): ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial…
CVE-2010-0040 — CVSS 9.3 (critical): Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary…
CVE-2010-1176 — CVSS 9.3 (critical): Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute…
CVE-2009-4186 — CVSS 9.3 (critical): Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash)…
CVE-2009-3384 — CVSS 9.3 (critical): Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code…
CVE-2010-1404 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2011-0215 — CVSS 9.3 (critical): ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which allows remote attackers to execute…
CVE-2011-0216 — CVSS 9.3 (critical): Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2009-2195 — CVSS 9.3 (critical): Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service…
CVE-2011-0218 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0221 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0222 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0223 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0225 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0232 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0233 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0234 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0235 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0237 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0238 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0240 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0241 — CVSS 9.3 (critical): Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2009-1725 — CVSS 9.3 (critical): WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in…
CVE-2010-0054 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2011-0253 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0254 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-0255 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2009-1712 — CVSS 9.3 (critical): WebKit in Apple Safari before 4.0 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary…
CVE-2009-1711 — CVSS 9.3 (critical): WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute…
CVE-2010-1398 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform…
CVE-2009-1709 — CVSS 9.3 (critical): Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote…
CVE-2009-1708 — CVSS 9.3 (critical): Apple Safari before 4.0 does not prevent calls to the open-help-anchor URL handler by web sites, which allows remote attackers to open…
CVE-2009-1705 — CVSS 9.3 (critical): CoreGraphics in Apple Safari before 4.0 on Windows does not properly use arithmetic during automatic hinting of TrueType fonts, which…
CVE-2009-1704 — CVSS 9.3 (critical): CFNetwork in Apple Safari before 4.0 misinterprets downloaded image files as local HTML documents in unspecified circumstances, which…
CVE-2009-1701 — CVSS 9.3 (critical): Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and…
CVE-2009-1698 — CVSS 9.3 (critical): WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a…
CVE-2009-1690 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1…
CVE-2011-1288 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2009-1687 — CVSS 9.3 (critical): The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1…
CVE-2009-1686 — CVSS 9.3 (critical): WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle…
CVE-2009-1600 — CVSS 9.3 (critical): Apple Safari executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an…
CVE-2009-1060 — CVSS 9.3 (critical): Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors…
CVE-2009-1042 — CVSS 9.3 (critical): Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors…
CVE-2009-0945 — CVSS 9.3 (critical): Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through…
CVE-2011-1453 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-1457 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-1462 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-1797 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2010-1397 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2010-1415 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle…
CVE-2009-0070 — CVSS 9.3 (critical): Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of…
CVE-2008-4231 — CVSS 9.3 (critical): Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which…
CVE-2008-3623 — CVSS 9.3 (critical): Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 on Windows, in iPhone OS 1.0 through 2.2.1, and in iPhone OS for iPod…
CVE-2010-1403 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory…
CVE-2008-2540 — CVSS 9.3 (critical): Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized…
CVE-2011-2825 — CVSS 9.3 (critical): Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have…
CVE-2008-2317 — CVSS 9.3 (critical): WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to…
CVE-2010-1396 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2008-2307 — CVSS 9.3 (critical): Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and…
CVE-2008-2306 — CVSS 9.3 (critical): Apple Safari before 3.1.2 on Windows does not properly interpret the URLACTION_SHELL_EXECUTE_HIGHRISK Internet Explorer zone setting, which…
CVE-2024-44206 — CVSS 9.3 (critical): An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6…
CVE-2010-1400 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2010-1417 — CVSS 9.3 (critical): The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before…
CVE-2010-0053 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2007-6166 — CVSS 9.3 (critical): Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows…
CVE-2010-1419 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2007-5859 — CVSS 9.3 (critical): Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application…
CVE-2010-1402 — CVSS 9.3 (critical): Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4…
CVE-2007-3186 — CVSS 9.3 (critical): Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of…
CVE-2012-3686 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2010-1412 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2012-3683 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2007-3376 — CVSS 9.3 (critical): Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (crash) and…
CVE-2012-3682 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3681 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3680 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3679 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3678 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3674 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3670 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3669 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3668 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3667 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2011-3081 — CVSS 9.3 (critical): Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have…
CVE-2007-3944 — CVSS 9.3 (critical): Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple…
CVE-2012-3666 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3636 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2010-1787 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before…
CVE-2010-1788 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before…
CVE-2010-1789 — CVSS 9.3 (critical): Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X…
CVE-2010-1790 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before…
CVE-2010-1791 — CVSS 9.3 (critical): Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X…
CVE-2010-1792 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before…
CVE-2010-1793 — CVSS 9.3 (critical): Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1…
CVE-2010-0052 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2010-1806 — CVSS 9.3 (critical): Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote attackers to execute arbitrary code or…
CVE-2010-1807 — CVSS 9.3 (critical): WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate…
CVE-2010-1401 — CVSS 9.3 (critical): Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5…
CVE-2010-1823 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial…
CVE-2010-0049 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2010-1399 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory…
CVE-2010-1405 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2010-3257 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and…
CVE-2010-1392 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2010-3803 — CVSS 9.3 (critical): Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4…
CVE-2010-3805 — CVSS 9.3 (critical): Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4…
CVE-2010-3808 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform…
CVE-2010-3809 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform…
CVE-2010-1177 — CVSS 9.3 (critical): Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute…
CVE-2010-3811 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X…
CVE-2010-3812 — CVSS 9.3 (critical): Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through…
CVE-2010-1385 — CVSS 9.3 (critical): Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows…
CVE-2010-3816 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X…
CVE-2010-3817 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform…
CVE-2010-3818 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X…
CVE-2010-3819 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform…
CVE-2010-3820 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses uninitialized…
CVE-2010-3821 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle…
CVE-2010-1786 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X…
CVE-2010-1414 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2010-1749 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2010-1750 — CVSS 9.3 (critical): Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of…
CVE-2012-3665 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2010-1758 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2012-3664 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2010-1759 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2012-3663 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2010-1761 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2010-1410 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to…
CVE-2010-1180 — CVSS 9.3 (critical): Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute…
CVE-2012-3661 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2010-1770 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome…
CVE-2012-3656 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3655 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3653 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3646 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3645 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3644 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3642 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3641 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3640 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2010-1771 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X…
CVE-2012-3639 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3638 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3637 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2010-1774 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory…
CVE-2010-1179 — CVSS 9.3 (critical): Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute…
CVE-2010-1780 — CVSS 9.3 (critical): Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X…
CVE-2010-1782 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before…
CVE-2010-1783 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before…
CVE-2010-1784 — CVSS 9.3 (critical): The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5…
CVE-2012-0682 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-0683 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-1520 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2007-5450 — CVSS 9.3 (critical): Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a…
CVE-2012-3589 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2010-1785 — CVSS 9.3 (critical): WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before…
CVE-2012-3591 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3592 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3593 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…
CVE-2012-3594 — CVSS 9.3 (critical): WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory…