Apple Safari vulnerabilities

1,592 known vulnerabilities affecting apple/safari.

Total CVEs: 1,592
CISA KEV: 31 (actively exploited)
Public exploits: 157
Exploited in wild: 25
Severity breakdown: CRITICAL 211, HIGH 603, MEDIUM 757, LOW 20, UNKNOWN 1

Vulnerabilities

Page 35 of 80
CVE-2017-7048 | HIGH | CVSS 8.8 | PoC | fixed in 10.1.2 | 2017-07-20
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of s
Sources: nvd, apple
CVE-2017-7055 | HIGH | CVSS 8.8 | fixed in 10.1.2 | 2017-07-20
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of s
Sources: nvd, apple
CVE-2017-7056 | HIGH | CVSS 8.8 | PoC | fixed in 10.1.2 | 2017-07-20
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of s
Sources: nvd, apple
CVE-2017-7018 | HIGH | CVSS 8.8 | PoC | fixed in 10.1.2 | 2017-07-20
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of s
Sources: nvd, apple
CVE-2017-7023 | HIGH | CVSS 7.8 | ≤ 10.1.1 | 2017-07-20
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a craft
Sources: nvd
CVE-2017-7052 | HIGH | CVSS 8.8 | fixed in 10.1.2 | 2017-07-20
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of s
Sources: nvd, apple
CVE-2017-7040 | HIGH | CVSS 8.8 | PoC | fixed in 10.1.2 | 2017-07-20
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of s
Sources: nvd, apple
CVE-2017-7046 | HIGH | CVSS 8.8 | PoC | fixed in 10.1.2 | 2017-07-20
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of s
Sources: nvd, apple
CVE-2017-7024 | HIGH | CVSS 7.8 | ≤ 10.1.1 | 2017-07-20
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a craft
Sources: nvd
CVE-2017-7059 | MEDIUM | CVSS 6.1 | fixed in 10.1.2 | 2017-07-20
CWE-79: A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
Sources: nvd, apple
CVE-2017-7006 | MEDIUM | CVSS 5.3 | fixed in 10.1.2 | 2017-07-20
CWE-203: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct a timing side-channel attack to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that u
Sources: nvd, apple
CVE-2017-7060 | MEDIUM | CVSS 6.5 | fixed in 10.1.2 | 2017-07-20
CWE-20: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the "Safari Printing" component. It allows remote attackers to cause a denial of service (excessive print dialogs) via a crafted web site.
Sources: nvd, apple
CVE-2017-7011 | MEDIUM | CVSS 6.5 | ≤ 10.1.1 | 2017-07-20
CWE-20: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site that uses FRAME elements.
Sources: nvd, apple
CVE-2017-7038 | MEDIUM | CVSS 6.1 | fixed in 10.1.2 | 2017-07-20
CWE-79: A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
Sources: nvd, apple
CVE-2017-7064 | MEDIUM | CVSS 5.5 | PoC | ≤ 10.1.1 | 2017-07-20
CWE-20: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.
Sources: nvd, apple
CVE-2017-2536 | HIGH | CVSS 8.8 | PoC | ≤ 10.1 | 2017-05-22
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Sources: nvd, apple
CVE-2017-2539 | HIGH | CVSS 8.8 | ≤ 10.1 | 2017-05-22
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Sources: nvd, apple
CVE-2017-2515 | HIGH | CVSS 8.8 | PoC | ≤ 10.1 | 2017-05-22
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Sources: nvd, apple
CVE-2017-2505 | HIGH | CVSS 8.8 | fixed in 10.1.1 | 2017-05-22
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Sources: nvd, apple
CVE-2017-2530 | HIGH | CVSS 8.8 | ≤ 10.1 | 2017-05-22
CWE-119: An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. iCloud before 6.2.1 on Windows is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application cra
Sources: nvd, apple