Apple Safari vulnerabilities
1,592 known vulnerabilities affecting apple/safari.
Total CVEs
1,592
CISA KEV
31
actively exploited
Public exploits
157
Exploited in wild
25
Severity breakdown
CRITICAL211HIGH603MEDIUM757LOW20UNKNOWN1
Vulnerabilities
Page 29 of 80
CVE-2018-4210HIGHCVSS 8.8fixed in 11.12019-01-11
CVE-2018-4210 [HIGH] CWE-129 CVE-2018-4210: In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 f
In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.
nvdapple
CVE-2018-4262HIGHCVSS 8.8fixed in 11.1.22019-01-11
CVE-2018-4262 [HIGH] CWE-119 CVE-2018-4262: In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iClo
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.
nvdapple
CVE-2018-4277HIGHCVSS 7.5fixed in 11.1.12019-01-11
CVE-2018-4277 [HIGH] CWE-20 CVE-2018-4277: In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sie
In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
nvdapple
CVE-2018-4208HIGHCVSS 8.8fixed in 11.12019-01-11
CVE-2018-4208 [HIGH] CWE-20 CVE-2018-4208: In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS bef
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
nvdapple
CVE-2018-4186HIGHCVSS 7.5fixed in 11.12019-01-11
CVE-2018-4186 [HIGH] CWE-200 CVE-2018-4186: In Safari before 11.1, an information leakage issue existed in the handling of downloads in Safari P
In Safari before 11.1, an information leakage issue existed in the handling of downloads in Safari Private Browsing. This issue was addressed with additional validation.
nvdapple
CVE-2018-4278MEDIUMCVSS 4.3fixed in 11.1.22019-01-11
CVE-2018-4278 [MEDIUM] CVE-2018-4278: In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iClo
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.
nvdapple
CVE-2018-4233HIGHCVSS 8.8PoCfixed in 11.1.12018-06-08
CVE-2018-4233 [HIGH] CWE-119 CVE-2018-4233: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary
nvdapple
CVE-2018-4218HIGHCVSS 8.8PoCfixed in 11.1.12018-06-08
CVE-2018-4218 [HIGH] CWE-416 CVE-2018-4218: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary
nvdapple
CVE-2018-4201HIGHCVSS 8.8fixed in 11.1.12018-06-08
CVE-2018-4201 [HIGH] CWE-119 CVE-2018-4201: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary
nvdapple
CVE-2018-4199HIGHCVSS 8.8fixed in 11.1.12018-06-08
CVE-2018-4199 [HIGH] CWE-119 CVE-2018-4199: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service
nvdapple
CVE-2018-4222HIGHCVSS 8.8PoCfixed in 11.1.12018-06-08
CVE-2018-4222 [HIGH] CWE-125 CVE-2018-4222: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary
nvdapple
CVE-2018-4200HIGHCVSS 8.8PoCfixed in 11.12018-06-08
CVE-2018-4200 [HIGH] CWE-416 CVE-2018-4200: An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1
An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service
nvdapple
CVE-2018-4246HIGHCVSS 8.8fixed in 11.1.12018-06-08
CVE-2018-4246 [HIGH] CWE-704 CVE-2018-4246: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary
nvdapple
CVE-2018-4214HIGHCVSS 8.8fixed in 11.1.12018-06-08
CVE-2018-4214 [HIGH] CWE-119 CVE-2018-4214: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to cause a denial of
nvdapple
CVE-2018-4192HIGHCVSS 7.5PoCfixed in 11.1.12018-06-08
CVE-2018-4192 [HIGH] CWE-362 CVE-2018-4192: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary
nvdapple
CVE-2018-4190HIGHCVSS 8.8fixed in 11.1.12018-06-08
CVE-2018-4190 [HIGH] CWE-522 CVE-2018-4190: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive credential information that is tra
nvdapple
CVE-2018-4204HIGHCVSS 8.8fixed in 11.12018-06-08
CVE-2018-4204 [HIGH] CWE-119 CVE-2018-4204: An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is
An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code
nvdapple
CVE-2018-4205MEDIUMCVSS 6.5fixed in 11.1.12018-06-08
CVE-2018-4205 [MEDIUM] CWE-20 CVE-2018-4205: An issue was discovered in certain Apple products. Safari before 11.1.1 is affected. The issue invol
An issue was discovered in certain Apple products. Safari before 11.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site.
nvdapple
CVE-2018-4247MEDIUMCVSS 6.5fixed in 11.1.12018-06-08
CVE-2018-4247 [MEDIUM] CWE-20 CVE-2018-4247: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service (persistent Safari outage) via a crafted web site.
nvdapple
CVE-2018-4232MEDIUMCVSS 4.3fixed in 11.1.12018-06-08
CVE-2018-4232 [MEDIUM] CVE-2018-4232: An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to overwrite cookies via a crafted web site.
nvdapple