Apple Safari vulnerabilities
1,592 known vulnerabilities affecting apple/safari.
Total CVEs
1,592
CISA KEV
31
actively exploited
Public exploits
157
Exploited in wild
25
Severity breakdown
CRITICAL211HIGH603MEDIUM757LOW20UNKNOWN1
Vulnerabilities
Page 27 of 80
CVE-2018-4318HIGHCVSS 8.8PoCfixed in 122019-04-03
CVE-2018-4318 [HIGH] CWE-416 CVE-2018-4318: A use after free issue was addressed with improved memory management. This issue affected versions p
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
nvdapple
CVE-2018-4311HIGHCVSS 8.1fixed in 122019-04-03
CVE-2018-4311 [HIGH] CWE-200 CVE-2018-4311: The issue was addressed by removing origin information. This issue affected versions prior to iOS 12
The issue was addressed by removing origin information. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
nvdapple
CVE-2018-4361HIGHCVSS 8.8fixed in 122019-04-03
CVE-2018-4361 [HIGH] CVE-2018-4361: A memory consumption issue was addressed with improved memory handling. This issue affected versions
A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
nvdapple
CVE-2018-4372HIGHCVSS 8.8fixed in 12.0.12019-04-03
CVE-2018-4372 [HIGH] CWE-119 CVE-2018-4372: Multiple memory corruption issues were addressed with improved memory handling. This issue affected
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
nvdapple
CVE-2018-4328HIGHCVSS 8.8PoCfixed in 122019-04-03
CVE-2018-4328 [HIGH] CWE-119 CVE-2018-4328: Multiple memory corruption issues were addressed with improved memory handling. This issue affected
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
nvdapple
CVE-2018-4438HIGHCVSS 8.8PoCfixed in 12.0.22019-04-03
CVE-2018-4438 [HIGH] CWE-119 CVE-2018-4438: A logic issue existed resulting in memory corruption. This was addressed with improved state managem
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
nvdapple
CVE-2018-4306HIGHCVSS 8.8PoCfixed in 122019-04-03
CVE-2018-4306 [HIGH] CWE-416 CVE-2018-4306: A use after free issue was addressed with improved memory management. This issue affected versions p
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
nvdapple
CVE-2018-4269HIGHCVSS 8.6fixed in 11.1.22019-04-03
CVE-2018-4269 [HIGH] CWE-119 CVE-2018-4269: A memory corruption issue was addressed with improved input validation. This issue affected versions
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
nvd
CVE-2018-4345MEDIUMCVSS 6.1fixed in 122019-04-03
CVE-2018-4345 [MEDIUM] CWE-79 CVE-2018-4345: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validatio
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
nvdapple
CVE-2018-4307MEDIUMCVSS 4.3fixed in 122019-04-03
CVE-2018-4307 [MEDIUM] CWE-20 CVE-2018-4307: A logic issue was addressed with improved state management. This issue affected versions prior to iO
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12.
nvdapple
CVE-2018-4440MEDIUMCVSS 4.3fixed in 12.0.22019-04-03
CVE-2018-4440 [MEDIUM] CWE-20 CVE-2018-4440: A logic issue was addressed with improved state management. This issue affected versions prior to iO
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
nvdapple
CVE-2018-4409MEDIUMCVSS 6.5fixed in 12.0.12019-04-03
CVE-2018-4409 [MEDIUM] CWE-400 CVE-2018-4409: A resource exhaustion issue was addressed with improved input validation. This issue affected versio
A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
nvdapple
CVE-2018-4309MEDIUMCVSS 6.1fixed in 122019-04-03
CVE-2018-4309 [MEDIUM] CWE-79 CVE-2018-4309: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validatio
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.
nvdapple
CVE-2018-4195MEDIUMCVSS 6.5fixed in 12vVersions prior to: Safari 122019-04-03
CVE-2018-4195 [MEDIUM] CWE-20 CVE-2018-4195: An inconsistent user interface issue was addressed with improved state management. This issue affect
An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 12.
nvdapple
CVE-2018-4377MEDIUMCVSS 6.1fixed in 12.0.12019-04-03
CVE-2018-4377 [MEDIUM] CWE-79 CVE-2018-4377: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validatio
A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
nvdapple
CVE-2018-4279MEDIUMCVSS 5.3fixed in 11.1.2vVersions prior to: Safari 11.1.22019-04-03
CVE-2018-4279 [MEDIUM] CWE-20 CVE-2018-4279: An inconsistent user interface issue was addressed with improved state management. This issue affect
An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2.
nvdapple
CVE-2018-4362MEDIUMCVSS 6.5fixed in 11.1.22019-04-03
CVE-2018-4362 [MEDIUM] CWE-20 CVE-2018-4362: An inconsistent user interface issue was addressed with improved state management. This issue affect
An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2, iOS 12.
nvdapple
CVE-2018-4374MEDIUMCVSS 6.1fixed in 12.0.12019-04-03
CVE-2018-4374 [MEDIUM] CWE-79 CVE-2018-4374: A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1
A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.
nvdapple
CVE-2018-4445MEDIUMCVSS 4.3fixed in 12.0.22019-04-03
CVE-2018-4445 [MEDIUM] CWE-200 CVE-2018-4445: "Clear History and Website Data" did not clear the history. The issue was addressed with improved da
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2.
nvdapple
CVE-2018-4260MEDIUMCVSS 6.5fixed in 11.1.22019-04-03
CVE-2018-4260 [MEDIUM] CWE-20 CVE-2018-4260: An inconsistent user interface issue was addressed with improved state management. This issue affect
An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2.
nvdapple