Search for packages
| purl | pkg:deb/ubuntu/webkitgtk@2.4.8-1ubuntu2 |
| Next non-vulnerable version | 2.4.10-0ubuntu0.14.04.1 |
| Latest non-vulnerable version | 2.4.10-0ubuntu1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-15vb-43w8-aaaj
Aliases: CVE-2011-3017 |
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling. |
Affected by 26 other vulnerabilities. |
|
VCID-19g5-1x5f-aaas
Aliases: CVE-2013-0948 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-1aay-wzuu-aaar
Aliases: CVE-2012-5851 |
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108. |
Affected by 26 other vulnerabilities. |
|
VCID-1bqb-v92t-aaak
Aliases: CVE-2012-3632 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-1dcp-6t62-aaab
Aliases: CVE-2013-0954 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-1gf3-zbc8-aaag
Aliases: CVE-2012-3685 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-1hgk-1xrh-aaaj
Aliases: CVE-2013-0960 |
WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0961. |
Affected by 26 other vulnerabilities. |
|
VCID-1jhx-s5ek-aaah
Aliases: CVE-2011-2339 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-1jwh-repz-aaae
Aliases: CVE-2011-0237 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-1m1u-jhpy-aaac
Aliases: CVE-2011-1290 |
Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. |
Affected by 26 other vulnerabilities. |
|
VCID-1scq-4ve9-aaag
Aliases: CVE-2015-3727 |
WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-1uay-6sed-aaac
Aliases: CVE-2011-0154 |
WebKit, as used in Apple iTunes before 10.2 on Windows and Apple iOS, does not properly implement the .sort function for JavaScript arrays, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-1uf3-d6ug-aaar
Aliases: CVE-2011-3243 |
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows. |
Affected by 26 other vulnerabilities. |
|
VCID-1uww-w5np-aaaq
Aliases: CVE-2011-0223 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-1vgk-b15t-aaap
Aliases: CVE-2014-1327 |
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. |
Affected by 26 other vulnerabilities. |
|
VCID-1xqg-q8wm-aaaq
Aliases: CVE-2012-3658 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-1xz7-f4wj-aaaf
Aliases: CVE-2014-1365 |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
Affected by 26 other vulnerabilities. |
|
VCID-1zm5-32e7-aaaf
Aliases: CVE-2010-2651 |
The Cascading Style Sheets (CSS) implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-23az-7dve-aaan
Aliases: CVE-2014-4412 |
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
Affected by 26 other vulnerabilities. |
|
VCID-23bw-ztf7-aaaa
Aliases: CVE-2011-1195 |
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "document script lifetime handling." |
Affected by 26 other vulnerabilities. |
|
VCID-29dt-2tvt-aaab
Aliases: CVE-2013-1006 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-2bbx-hwwx-aaam
Aliases: CVE-2010-3819 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) boxes, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-2c62-ca8z-aaac
Aliases: CVE-2011-3022 |
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network. |
Affected by 26 other vulnerabilities. |
|
VCID-2dnh-6kfq-aaab
Aliases: CVE-2011-0218 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-2g2m-ssba-aaag
Aliases: CVE-2011-0129 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-2gny-hrae-aaad
Aliases: CVE-2012-3647 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-2mu1-6nqt-aaab
Aliases: CVE-2013-1013 |
XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly rewrite URLs, which allows remote attackers to trigger unintended form submissions via unspecified vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-2pem-tzm4-aaam
Aliases: CVE-2010-3822 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses an uninitialized pointer during processing of Cascading Style Sheets (CSS) counter styles, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-2r92-t3f5-aaag
Aliases: CVE-2015-1120 |
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-2u1v-dhvp-aaas
Aliases: CVE-2015-3745 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-2uy9-1qaz-aaar
Aliases: CVE-2012-3627 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-2vay-775q-aaam
Aliases: CVE-2015-1153 |
WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-2wdx-g43m-aaaq
Aliases: CVE-2014-4474 |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
Affected by 26 other vulnerabilities. |
|
VCID-31he-2tqr-aaap
Aliases: CVE-2011-0152 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-34tf-qwyt-aaar
Aliases: CVE-2011-3887 |
Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-35hy-nks5-aaac
Aliases: CVE-2011-1059 |
Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557. |
Affected by 26 other vulnerabilities. |
|
VCID-368a-1ru4-aaad
Aliases: CVE-2012-3602 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-36mv-q3sa-aaaj
Aliases: CVE-2010-3821 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the :first-letter pseudo-element in a Cascading Style Sheets (CSS) token sequence, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-36th-s6e5-aaae
Aliases: CVE-2013-0952 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-3ee5-mrbw-aaab
Aliases: CVE-2011-0144 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-3gww-djvr-aaap
Aliases: CVE-2012-3705 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-3hb3-ddaz-aaad
Aliases: CVE-2012-3626 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-3hmv-sdeg-aaar
Aliases: CVE-2014-1331 |
CVE-2014-1331 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-3jrq-qfs1-aaag
Aliases: CVE-2013-2268 |
Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue." |
Affected by 26 other vulnerabilities. |
|
VCID-3m7w-z5cb-aaaq
Aliases: CVE-2014-1346 |
CVE-2014-1346 webkitgtk: improper Unicode encoding interpretation (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-3pdy-gjg9-aaae
Aliases: CVE-2011-1302 |
Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-3pz1-1j1h-aaam
Aliases: CVE-2011-0128 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-3qfj-end3-aaaq
Aliases: CVE-2011-2823 |
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box. |
Affected by 26 other vulnerabilities. |
|
VCID-3qjj-843a-aaam
Aliases: CVE-2010-3810 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the History object, which allows remote attackers to spoof the location bar's URL or add URLs to the history via a cross-origin attack. |
Affected by 26 other vulnerabilities. |
|
VCID-3t16-hjsq-aaap
Aliases: CVE-2012-3704 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-3trn-d2hp-aaaj
Aliases: CVE-2014-1268 |
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270. |
Affected by 26 other vulnerabilities. |
|
VCID-3ubx-6ja4-aaab
Aliases: CVE-2011-0114 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-3xu6-89z9-aaab
Aliases: CVE-2011-1457 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-3y1t-ukvn-aaaq
Aliases: CVE-2012-3616 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-3zdm-jdxf-aaam
Aliases: CVE-2011-0141 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-42k4-yy96-aaaa
Aliases: CVE-2011-0127 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-43h3-hd8p-aaas
Aliases: CVE-2013-1003 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-45hk-w77b-aaae
Aliases: CVE-2011-3889 |
Heap-based buffer overflow in the Web Audio implementation in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-468b-fyky-aaac
Aliases: CVE-2011-3024 |
Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate. |
Affected by 26 other vulnerabilities. |
|
VCID-46f4-w43k-aaas
Aliases: CVE-2015-3749 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-4dfx-4jqg-aaac
Aliases: CVE-2011-1191 |
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs. |
Affected by 26 other vulnerabilities. |
|
VCID-4ehg-vch9-aaae
Aliases: CVE-2011-0164 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-4g28-key4-aaam
Aliases: CVE-2011-1185 |
Google Chrome before 10.0.648.127 does not prevent (1) navigation and (2) close operations on the top location of a sandboxed frame, which has unspecified impact and remote attack vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-4hhg-8h48-aaae
Aliases: CVE-2011-0112 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-4j3a-f68x-aaar
Aliases: CVE-2011-2338 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-4j68-aq1f-aaan
Aliases: CVE-2011-0138 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-4k1m-nw8b-aaab
Aliases: CVE-2015-5928 |
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-4mzs-x1zx-aaab
Aliases: CVE-2014-1270 |
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. |
Affected by 26 other vulnerabilities. |
|
VCID-4n9w-rv5d-aaan
Aliases: CVE-2011-3237 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-4ncp-4xvg-aaab
Aliases: CVE-2015-3743 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-4u5f-xtye-aaad
Aliases: CVE-2011-1188 |
Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-4yju-ra81-aaaa
Aliases: CVE-2012-3670 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-55td-5hvb-aaap
Aliases: CVE-2011-0149 |
WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly parse HTML elements associated with document namespaces, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to a "dangling pointer" and iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-56gs-j25m-aaag
Aliases: CVE-2013-1023 |
WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1009. |
Affected by 26 other vulnerabilities. |
|
VCID-5cq3-v7rs-aaam
Aliases: CVE-2011-0242 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving a URL that contains a username. |
Affected by 26 other vulnerabilities. |
|
VCID-5dqz-2tky-aaae
Aliases: CVE-2011-3420 |
Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.157 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-5q3a-d4ea-aaad
Aliases: CVE-2011-0123 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-5r5h-799q-aaap
Aliases: CVE-2013-0956 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-5vcd-up3m-aaas
Aliases: CVE-2013-0958 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-5vdc-4w9j-aaaa
Aliases: CVE-2014-4473 |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
Affected by 26 other vulnerabilities. |
|
VCID-5wgu-1q46-aaas
Aliases: CVE-2010-3813 |
The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS prefetching is enabled when processing an HTML LINK element, which allows remote attackers to bypass intended access restrictions, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality. |
Affected by 26 other vulnerabilities. |
|
VCID-5xxn-a3dd-aaaq
Aliases: CVE-2012-3651 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-63c3-cucz-aaam
Aliases: CVE-2012-3652 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-64k6-ewa2-aaaj
Aliases: CVE-2013-5197 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-66ca-udkd-aaaj
Aliases: CVE-2012-3707 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-67w4-s8h1-aaar
Aliases: CVE-2013-0953 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-686s-qz7c-aaac
Aliases: CVE-2012-3660 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-6e8p-uvm8-aaae
Aliases: CVE-2011-0113 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-6ew8-q618-aaad
Aliases: CVE-2010-3809 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-6eyp-kxrg-aaak
Aliases: CVE-2010-3803 |
Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string. |
Affected by 26 other vulnerabilities. |
|
VCID-6k6g-xbdt-aaae
Aliases: CVE-2010-2900 |
Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-6kye-m9qn-aaah
Aliases: CVE-2014-4410 |
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
Affected by 26 other vulnerabilities. |
|
VCID-6mj9-u1rs-aaaj
Aliases: CVE-2010-3823 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Geolocation objects. NOTE: this might overlap CVE-2010-3415. |
Affected by 26 other vulnerabilities. |
|
VCID-6ms3-2xj8-aaaq
Aliases: CVE-2012-3742 |
Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows remote attackers to spoof https connections by placing this character in the TITLE element of a web page. |
Affected by 26 other vulnerabilities. |
|
VCID-6ttd-jj6j-aaap
Aliases: CVE-2014-4414 |
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
Affected by 26 other vulnerabilities. |
|
VCID-6upd-vngk-aaaq
Aliases: CVE-2011-2824 |
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes. |
Affected by 26 other vulnerabilities. |
|
VCID-6zwe-bv5t-aaad
Aliases: CVE-2011-0167 |
The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary local files from a client computer, via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-7arb-xjrt-aaad
Aliases: CVE-2011-0130 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-7bfm-7436-aaap
Aliases: CVE-2010-3254 |
The WebSockets implementation in Google Chrome before 6.0.472.53 does not properly handle integer values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-7drk-jqs9-aaam
Aliases: CVE-2014-1299 |
CVE-2014-1299 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-7fge-85yh-aaag
Aliases: CVE-2011-0234 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-7g6x-ppts-aaab
Aliases: CVE-2013-0951 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-7p5z-d5zr-aaar
Aliases: CVE-2014-1326 |
CVE-2014-1326 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-7tzu-4au6-aaaj
Aliases: CVE-2011-2827 |
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching. |
Affected by 26 other vulnerabilities. |
|
VCID-7y19-au46-aaae
Aliases: CVE-2011-0135 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-7y9d-kgtn-aaaf
Aliases: CVE-2011-3015 |
Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-7yjg-4ehs-aaad
Aliases: CVE-2013-5225 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-82j1-2tcg-aaaj
Aliases: CVE-2014-4468 |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
Affected by 26 other vulnerabilities. |
|
VCID-82vd-4up3-aaag
Aliases: CVE-2014-1336 |
CVE-2014-1336 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-83b4-j92e-aaaf
Aliases: CVE-2012-3692 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-83nv-szn3-aaad
Aliases: CVE-2014-4477 |
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4479. |
Affected by 26 other vulnerabilities. |
|
VCID-87cj-q39u-aaaj
Aliases: CVE-2014-4479 |
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4477. |
Affected by 26 other vulnerabilities. |
|
VCID-8awz-k8b2-aaaa
Aliases: CVE-2011-3025 |
Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-8fpa-uk7e-aaak
Aliases: CVE-2011-2815 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-8j2u-t7c3-aaah
Aliases: CVE-2011-1192 |
Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-8m41-cs48-aaan
Aliases: CVE-2012-3747 |
WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-8pj5-r7gj-aaaj
Aliases: CVE-2011-0119 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-8q54-pej7-aaaq
Aliases: CVE-2011-0133 |
WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly access glyph data during layout actions for floating blocks associated with pseudo-elements, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-8qf9-emv4-aaah
Aliases: CVE-2013-5228 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-8qh4-51dj-aaad
Aliases: CVE-2014-4469 |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
Affected by 26 other vulnerabilities. |
|
VCID-8s4z-hca3-aaae
Aliases: CVE-2014-4472 |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
Affected by 26 other vulnerabilities. |
|
VCID-8t99-u7pz-aaar
Aliases: CVE-2011-1804 |
rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Affected by 26 other vulnerabilities. |
|
VCID-8wdn-8s8a-aaah
Aliases: CVE-2012-3673 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-8x5g-afjx-aaas
Aliases: CVE-2011-0116 |
Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to DOM manipulations during iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-8yvq-va6m-aaaj
Aliases: CVE-2011-0155 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-8zb9-4xpy-aaag
Aliases: CVE-2014-1390 |
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
Affected by 26 other vulnerabilities. |
|
VCID-95nc-shq4-aaap
Aliases: CVE-2011-0124 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-95rm-pxg9-aaam
Aliases: CVE-2012-0672 |
WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-99ws-1zqx-aaas
Aliases: CVE-2013-0950 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-9e6c-xu8c-aaap
Aliases: CVE-2014-1362 |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
Affected by 26 other vulnerabilities. |
|
VCID-9ec9-ewxt-aaam
Aliases: CVE-2013-0912 |
WebKit in Google Chrome before 25.0.1364.160 allows remote attackers to execute arbitrary code via vectors that leverage "type confusion." |
Affected by 26 other vulnerabilities. |
|
VCID-9h1n-6yzj-aaaa
Aliases: CVE-2011-0254 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-9j8k-ke78-aaan
Aliases: CVE-2014-4465 |
WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element. |
Affected by 26 other vulnerabilities. |
|
VCID-9k1n-35tz-aaae
Aliases: CVE-2013-0999 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-9pvn-m8qm-aaag
Aliases: CVE-2014-4467 |
WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-9py1-ryyq-aaad
Aliases: CVE-2012-3700 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-9q85-xf9x-aaap
Aliases: CVE-2011-3885 |
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data. |
Affected by 26 other vulnerabilities. |
|
VCID-9r4j-jee6-aaad
Aliases: CVE-2015-1155 |
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-9sbe-ruat-aaam
Aliases: CVE-2011-0134 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-9u4r-cyhr-aaam
Aliases: CVE-2012-3601 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-a19c-ve8d-aaab
Aliases: CVE-2010-3820 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses uninitialized memory during processing of editable elements, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-a1t2-qh3j-aaan
Aliases: CVE-2011-2811 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-a928-9r2t-aaap
Aliases: CVE-2011-2817 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-a9n8-hr9c-aaan
Aliases: CVE-2011-2825 |
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts. |
Affected by 26 other vulnerabilities. |
|
VCID-aagp-2zum-aaaq
Aliases: CVE-2014-1344 |
CVE-2014-1344 webkitgtk: arbitrary code execution and denial of service |
Affected by 26 other vulnerabilities. |
|
VCID-aex4-vvx3-aaak
Aliases: CVE-2013-5199 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ajgj-cdhb-aaae
Aliases: CVE-2011-3019 |
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file. |
Affected by 26 other vulnerabilities. |
|
VCID-anft-ec3k-aaaq
Aliases: CVE-2011-0145 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-anhj-c5pq-aaas
Aliases: CVE-2011-2845 |
Google Chrome before 15.0.874.102 does not properly handle history data, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-aptf-d6xj-aaaq
Aliases: CVE-2013-5195 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-art8-kvby-aaag
Aliases: CVE-2014-1324 |
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. |
Affected by 26 other vulnerabilities. |
|
VCID-asqd-a1m8-aaae
Aliases: CVE-2011-1691 |
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code. |
Affected by 26 other vulnerabilities. |
|
VCID-awhh-k48w-aaaq
Aliases: CVE-2012-3709 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-axmy-yhjt-aaaj
Aliases: CVE-2012-3604 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ay9a-3aaq-aaae
Aliases: CVE-2015-5809 |
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-az83-w28d-aaar
Aliases: CVE-2013-7324 |
Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing practices for GNOME desktop integration. |
Affected by 26 other vulnerabilities. |
|
VCID-b6gv-qcka-aaaj
Aliases: CVE-2014-1339 |
CVE-2014-1339 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-bfn9-86uk-aaam
Aliases: CVE-2014-1313 |
CVE-2014-1313 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-bgau-5pgw-aaaq
Aliases: CVE-2015-1127 |
The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-bgpz-h4qc-aaae
Aliases: CVE-2010-3816 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. |
Affected by 26 other vulnerabilities. |
|
VCID-bnuz-w4zj-aaar
Aliases: CVE-2014-4475 |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
Affected by 26 other vulnerabilities. |
|
VCID-bpdk-zr6h-aaag
Aliases: CVE-2014-1341 |
CVE-2014-1341 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-bwrv-nq6a-aaam
Aliases: CVE-2014-4462 |
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4452. |
Affected by 26 other vulnerabilities. |
|
VCID-bxp4-565s-aaad
Aliases: CVE-2012-3612 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-byfz-p9gv-aaah
Aliases: CVE-2014-1384 |
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
Affected by 26 other vulnerabilities. |
|
VCID-c1u6-1g44-aaas
Aliases: CVE-2011-3020 |
Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-c7mg-kjx3-aaam
Aliases: CVE-2013-0992 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-c7z6-wag5-aaaq
Aliases: CVE-2015-3659 |
The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-c82h-mkm3-aaag
Aliases: CVE-2011-0148 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ca78-se1t-aaab
Aliases: CVE-2012-3622 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ch2j-dfsb-aaar
Aliases: CVE-2011-0150 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-crre-f99t-aaan
Aliases: CVE-2010-3805 |
Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving WebSockets. NOTE: this may overlap CVE-2010-3254. |
Affected by 26 other vulnerabilities. |
|
VCID-cvxy-av8h-aaaq
Aliases: CVE-2014-1387 |
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
Affected by 26 other vulnerabilities. |
|
VCID-cxd2-eu3j-aaad
Aliases: CVE-2011-3238 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-cz4g-wr5k-aaad
Aliases: CVE-2012-3674 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-czcn-5fcg-aaab
Aliases: CVE-2011-3881 |
WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an __proto__ property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function. |
Affected by 26 other vulnerabilities. |
|
VCID-d2ss-n3bs-aaaa
Aliases: CVE-2011-1799 |
Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-d689-b327-aaam
Aliases: CVE-2012-3613 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-d8pp-saf5-aaag
Aliases: CVE-2012-3655 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-d8re-vs15-aaag
Aliases: CVE-2012-3702 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-dbcg-eruf-aaad
Aliases: CVE-2011-0122 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-dera-ktwy-aaac
Aliases: CVE-2012-3623 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-df2q-serx-aaaj
Aliases: CVE-2012-3710 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-dfmp-76gc-aaar
Aliases: CVE-2011-1462 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-dk37-rw7t-aaah
Aliases: CVE-2013-0998 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-dn4j-a39t-aaad
Aliases: CVE-2010-3818 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving inline text boxes. |
Affected by 26 other vulnerabilities. |
|
VCID-dn6b-1vpz-aaaj
Aliases: CVE-2011-0244 |
WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files via vectors related to improper canonicalization of URLs within RSS feeds. |
Affected by 26 other vulnerabilities. |
|
VCID-dn9p-m64n-aaac
Aliases: CVE-2015-1122 |
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-dp5c-n5hh-aaam
Aliases: CVE-2014-1366 |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
Affected by 26 other vulnerabilities. |
|
VCID-dpv3-1nzm-aaan
Aliases: CVE-2014-1297 |
CVE-2014-1297 webkitgtk: improper WebProcess IPC messages validation (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-dtme-3f9x-aaaq
Aliases: CVE-2011-3443 |
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors related to improper list management for Cascading Style Sheets (CSS) @font-face rules. |
Affected by 26 other vulnerabilities. |
|
VCID-dzbu-f62j-aaan
Aliases: CVE-2011-3027 |
Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. |
Affected by 26 other vulnerabilities. |
|
VCID-e217-zaag-aaah
Aliases: CVE-2011-0253 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-e438-p19h-aaad
Aliases: CVE-2011-0137 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ear9-xnw4-aaar
Aliases: CVE-2012-3615 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ehd7-wkhx-aaae
Aliases: CVE-2010-3811 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element attributes. |
Affected by 26 other vulnerabilities. |
|
VCID-enaf-7qd4-aaar
Aliases: CVE-2011-3890 |
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video source handling. |
Affected by 26 other vulnerabilities. |
|
VCID-enxj-dyfw-aaab
Aliases: CVE-2012-3607 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-es89-z425-aaaq
Aliases: CVE-2011-0163 |
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle unspecified "cached resources," which allows remote attackers to cause a denial of service (resource unavailability) via a crafted web site that conducts a cache-poisoning attack. |
Affected by 26 other vulnerabilities. |
|
VCID-escy-2xxt-aaah
Aliases: CVE-2011-0240 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-eza7-82j7-aaac
Aliases: CVE-2013-1007 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ffmj-bcrm-aaap
Aliases: CVE-2011-0118 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-fmhb-w5ey-aaah
Aliases: CVE-2011-0140 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-fmus-xjkx-aaaa
Aliases: CVE-2011-3233 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-fr9u-r1vx-aaar
Aliases: CVE-2011-0136 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-fry2-z9kk-aaae
Aliases: CVE-2012-3617 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ft98-ezyn-aaaf
Aliases: CVE-2010-3824 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving SVG use elements. |
Affected by 26 other vulnerabilities. |
|
VCID-fwk5-71yv-aaad
Aliases: CVE-2011-0156 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-fzzt-1g5d-aaan
Aliases: CVE-2012-2819 |
The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page, as demonstrated by certain WebGL performance tests, aka rdar problem 11520387. |
Affected by 26 other vulnerabilities. |
|
VCID-g1r5-nhma-aaag
Aliases: CVE-2014-1363 |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
Affected by 26 other vulnerabilities. |
|
VCID-g3dh-334r-aaar
Aliases: CVE-2011-2826 |
Google Chrome before 13.0.782.215 allows remote attackers to bypass the Same Origin Policy via vectors related to empty origins. |
Affected by 26 other vulnerabilities. |
|
VCID-g3pw-gxca-aaan
Aliases: CVE-2010-3812 |
Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects. |
Affected by 26 other vulnerabilities. |
|
VCID-g3v5-d4ru-aaaq
Aliases: CVE-2013-0968 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-g5zb-a5wk-aaag
Aliases: CVE-2012-3669 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-g86a-hs5a-aaaq
Aliases: CVE-2014-1312 |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. |
Affected by 26 other vulnerabilities. |
|
VCID-g8dq-n4fw-aaar
Aliases: CVE-2014-1345 |
WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-g9ne-xw7e-aaae
Aliases: CVE-2012-3706 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-gbnh-rqgf-aaag
Aliases: CVE-2013-5196 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-gjf2-s97n-aaag
Aliases: CVE-2013-0959 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-gjyx-wr2y-aaaa
Aliases: CVE-2013-0994 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-gqp8-5yae-aaab
Aliases: CVE-2013-1011 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-gtsg-r4ka-aaaq
Aliases: CVE-2013-1010 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-gxvr-nz2t-aaad
Aliases: CVE-2015-3752 |
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive information via vectors involving (1) a cross-origin request or (2) a private-browsing request. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-h2mw-v364-aaak
Aliases: CVE-2014-1340 |
WebKit, as used in Apple Safari before 6.1.5 and 7.x before 7.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1. |
Affected by 26 other vulnerabilities. |
|
VCID-h8kk-aap7-aaaq
Aliases: CVE-2014-1385 |
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
Affected by 26 other vulnerabilities. |
|
VCID-h95v-jnh7-aaan
Aliases: CVE-2014-1309 |
CVE-2014-1309 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-haqz-wte9-aaaa
Aliases: CVE-2011-3421 |
Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.125 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-hay6-j437-aaab
Aliases: CVE-2014-4459 |
Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document. |
Affected by 26 other vulnerabilities. |
|
VCID-hdp3-b2j3-aaaq
Aliases: CVE-2010-1824 |
Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. |
Affected by 26 other vulnerabilities. |
|
VCID-hgx5-cc2w-aaak
Aliases: CVE-2014-1334 |
CVE-2014-1334 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-hju4-uhhb-aaag
Aliases: CVE-2011-0166 |
The HTML5 drag and drop functionality in WebKit in Apple Safari before 5.0.4 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via vectors related to the dragging of content. NOTE: this might overlap CVE-2011-0778. |
Affected by 26 other vulnerabilities. |
|
VCID-hk2f-yuua-aaag
Aliases: CVE-2013-1001 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-hkgx-851u-aaae
Aliases: CVE-2011-3023 |
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations. |
Affected by 26 other vulnerabilities. |
|
VCID-hn3j-1zpy-aaap
Aliases: CVE-2012-3614 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-hpkq-hxb4-aaaa
Aliases: CVE-2012-3708 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-htyd-y81n-aaaq
Aliases: CVE-2011-2354 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-hv83-urcj-aaaf
Aliases: CVE-2012-3688 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-hw5m-d9fa-aaaq
Aliases: CVE-2013-1008 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-hxra-nu72-aaar
Aliases: CVE-2011-0146 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-j11k-6z27-aaap
Aliases: CVE-2014-1333 |
CVE-2014-1333 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-j1vh-53md-aaaf
Aliases: CVE-2012-3699 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-j3r4-p65g-aaac
Aliases: CVE-2014-1330 |
CVE-2014-1330 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-j4yb-168b-aaad
Aliases: CVE-2012-3687 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-jjzq-qhcz-aaae
Aliases: CVE-2011-3883 |
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counters. |
Affected by 26 other vulnerabilities. |
|
VCID-jmw6-njsa-aaac
Aliases: CVE-2011-3244 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-jxxm-hr6r-aaas
Aliases: CVE-2013-1009 |
WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1023. |
Affected by 26 other vulnerabilities. |
|
VCID-jy4z-1e16-aaah
Aliases: CVE-2013-0962 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 6.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted content that is not properly handled during a copy-and-paste operation. |
Affected by 26 other vulnerabilities. |
|
VCID-jzba-73pd-aaam
Aliases: CVE-2011-0131 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-k1fj-dand-aaaj
Aliases: CVE-2012-3671 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-k8e4-8417-aaad
Aliases: CVE-2012-3624 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-k8fn-4xv7-aaad
Aliases: CVE-2014-1298 |
CVE-2014-1298 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-kaxf-dgph-aaac
Aliases: CVE-2014-4452 |
WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462. |
Affected by 26 other vulnerabilities. |
|
VCID-kcgp-sb15-aaab
Aliases: CVE-2014-4411 |
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
Affected by 26 other vulnerabilities. |
|
VCID-kjba-seen-aaae
Aliases: CVE-2014-1307 |
CVE-2014-1307 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-kk6x-nu5y-aaac
Aliases: CVE-2011-2831 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-kk94-bj32-aaab
Aliases: CVE-2011-3236 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ks1k-kjgs-aaac
Aliases: CVE-2011-1807 |
Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger an out-of-bounds write. |
Affected by 26 other vulnerabilities. |
|
VCID-kwkd-4hp1-aaab
Aliases: CVE-2012-3649 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-mbns-mbtn-aaag
Aliases: CVE-2011-1203 |
Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Affected by 26 other vulnerabilities. |
|
VCID-mdnx-sezr-aaaj
Aliases: CVE-2013-0955 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-mgsb-y9v8-aaaa
Aliases: CVE-2012-3684 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-mwuf-svw8-aaas
Aliases: CVE-2011-0221 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-mx49-wjm2-aaam
Aliases: CVE-2014-4471 |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
Affected by 26 other vulnerabilities. |
|
VCID-n129-8y4q-aaam
Aliases: CVE-2015-3741 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-n4hy-1p13-aaas
Aliases: CVE-2010-3804 |
The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a related issue to CVE-2008-5913 and CVE-2010-3171. |
Affected by 26 other vulnerabilities. |
|
VCID-n53k-n27d-aaan
Aliases: CVE-2011-1197 |
Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Affected by 26 other vulnerabilities. |
|
VCID-n61x-kjq2-aaab
Aliases: CVE-2012-3628 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-n6dg-m9pu-aaaq
Aliases: CVE-2015-3747 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-n92a-9ad5-aaaf
Aliases: CVE-2012-3621 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ncm7-9mvh-aaan
Aliases: CVE-2012-3677 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ncvy-f4dz-aaan
Aliases: CVE-2010-3829 |
WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to CVE-2010-3813. |
Affected by 26 other vulnerabilities. |
|
VCID-nd1m-uwfr-aaam
Aliases: CVE-2011-1194 |
Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to bypass the pop-up blocker via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-njhr-w6u1-aaab
Aliases: CVE-2011-0238 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-nvqp-4p3p-aaaq
Aliases: CVE-2011-3235 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-nzr3-memz-aaac
Aliases: CVE-2011-0168 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-p8fq-e5re-aaad
Aliases: CVE-2012-3657 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-p8gj-bryk-aaap
Aliases: CVE-2011-3888 |
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in. |
Affected by 26 other vulnerabilities. |
|
VCID-p8v3-29aq-aaaj
Aliases: CVE-2011-2820 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-p9yh-4etj-aaad
Aliases: CVE-2012-3656 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-pbzw-hzu5-aaam
Aliases: CVE-2011-0125 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-pd23-r1v8-aaaa
Aliases: CVE-2015-1076 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-pg4k-qu1q-aaaj
Aliases: CVE-2013-0949 |
WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
Affected by 26 other vulnerabilities. |
|
VCID-pjt5-aejp-aaaq
Aliases: CVE-2011-0255 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ppb4-akae-aaab
Aliases: CVE-2011-1201 |
The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
Affected by 26 other vulnerabilities. |
|
VCID-ppza-cnrn-aaah
Aliases: CVE-2011-0151 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-pq8a-y1ac-aaaj
Aliases: CVE-2015-5794 |
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-prdk-juuy-aaad
Aliases: CVE-2011-1190 |
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." |
Affected by 26 other vulnerabilities. |
|
VCID-prgf-u1wg-aaam
Aliases: CVE-2011-0132 |
Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ptdj-dt98-aaar
Aliases: CVE-2012-3712 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-pyh5-4yf5-aaaq
Aliases: CVE-2014-1310 |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. |
Affected by 26 other vulnerabilities. |
|
VCID-pysq-w6w2-aaan
Aliases: CVE-2014-1305 |
CVE-2014-1305 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-q5xt-8f8u-aaaj
Aliases: CVE-2012-3659 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-qdfn-w6az-aaas
Aliases: CVE-2014-1308 |
CVE-2014-1308 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-qh5b-crv2-aaaj
Aliases: CVE-2012-3645 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-qjt8-4jx5-aaaa
Aliases: CVE-2011-2341 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-qkhc-91ks-aaad
Aliases: CVE-2014-4415 |
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
Affected by 26 other vulnerabilities. |
|
VCID-qnhd-pwfd-aaae
Aliases: CVE-2012-0640 |
WebKit in Apple Safari before 5.1.4 does not properly implement "From third parties and advertisers" cookie blocking, which makes it easier for remote web servers to track users via a cookie. |
Affected by 26 other vulnerabilities. |
|
VCID-qrct-86p5-aaan
Aliases: CVE-2012-3598 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-qvd5-7z4y-aaaa
Aliases: CVE-2012-3701 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-qymh-hnm8-aaaf
Aliases: CVE-2013-0997 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-r1ry-gnty-aaab
Aliases: CVE-2011-0115 |
The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-r6k5-2na4-aaae
Aliases: CVE-2010-3120 |
Google Chrome before 5.0.375.127 does not properly implement the Geolocation feature, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-r83t-2man-aaan
Aliases: CVE-2014-1364 |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
Affected by 26 other vulnerabilities. |
|
VCID-r8d8-j898-aaaa
Aliases: CVE-2012-3611 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-rchy-k5pg-aaam
Aliases: CVE-2014-1323 |
CVE-2014-1323 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-rfbt-d56g-aaae
Aliases: CVE-2011-1204 |
Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document. |
Affected by 26 other vulnerabilities. |
|
VCID-rgdr-vvj8-aaas
Aliases: CVE-2012-3703 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-rh4d-tffz-aaaf
Aliases: CVE-2013-1005 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-rjw9-b2ny-aaap
Aliases: CVE-2011-0121 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-rkby-g2s1-aaah
Aliases: CVE-2013-0996 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-rmbk-b1cq-aaap
Aliases: CVE-2011-3018 |
Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering. |
Affected by 26 other vulnerabilities. |
|
VCID-rs66-94tw-aaad
Aliases: CVE-2012-0695 |
Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-ruvb-azkv-aaaa
Aliases: CVE-2013-0993 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-rxpq-rjjw-aaaj
Aliases: CVE-2011-2352 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-s3wc-63cg-aaas
Aliases: CVE-2011-4692 |
WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi. |
Affected by 26 other vulnerabilities. |
|
VCID-s64b-gguk-aaae
Aliases: CVE-2011-0169 |
WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the window.console._inspectorCommandLineAPI property, which allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-s9rw-mew4-aaad
Aliases: CVE-2011-1806 |
Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-scna-93dk-aaab
Aliases: CVE-2013-0995 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-scux-psag-aaae
Aliases: CVE-2015-5788 |
The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-seg7-ppr4-aaaj
Aliases: CVE-2015-5822 |
WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-sg8m-jrcj-aaag
Aliases: CVE-2011-0126 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-snvs-29mq-aaah
Aliases: CVE-2015-3748 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-spts-frdk-aaaa
Aliases: CVE-2011-3239 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-srtu-vsq9-aaag
Aliases: CVE-2014-1311 |
CVE-2014-1311 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-sur1-ngrj-aaak
Aliases: CVE-2015-1083 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-svn8-nuv4-aaad
Aliases: CVE-2011-3016 |
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue. |
Affected by 26 other vulnerabilities. |
|
VCID-svwv-cg39-aaaf
Aliases: CVE-2012-3654 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-swsj-m6vb-aaap
Aliases: CVE-2011-0120 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-sxz7-m7vs-aaam
Aliases: CVE-2012-3672 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-t3gm-hcdk-aaap
Aliases: CVE-2014-1343 |
CVE-2014-1343 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-t3uz-cghj-aaaq
Aliases: CVE-2013-1000 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-t476-me14-aaag
Aliases: CVE-2012-0647 |
WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header. |
Affected by 26 other vulnerabilities. |
|
VCID-t6fz-jy2q-aaad
Aliases: CVE-2012-3748 |
Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays. |
Affected by 26 other vulnerabilities. |
|
VCID-t8g7-f4ay-aaam
Aliases: CVE-2012-3625 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-tdzc-9asx-aaar
Aliases: CVE-2014-1335 |
CVE-2014-1335 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-tg63-q2at-aaad
Aliases: CVE-2012-3643 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-thgg-npvv-aaab
Aliases: CVE-2011-0157 |
WebKit, as used in Apple iOS before 4.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-09-1. |
Affected by 26 other vulnerabilities. |
|
VCID-tm15-uq7k-aaab
Aliases: CVE-2011-0139 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-tnne-j6y1-aaad
Aliases: CVE-2011-3241 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-tr8c-vsua-aaaa
Aliases: CVE-2014-1382 |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
Affected by 26 other vulnerabilities. |
|
VCID-tre4-v58e-aaan
Aliases: CVE-2011-2813 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ts3g-953q-aaan
Aliases: CVE-2013-1002 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ts52-9atz-aaae
Aliases: CVE-2011-1344 |
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011. |
Affected by 26 other vulnerabilities. |
|
VCID-tt8h-uxn5-aaar
Aliases: CVE-2012-3606 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ttst-2g7z-aaaq
Aliases: CVE-2011-0232 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-txs9-szd1-aaae
Aliases: CVE-2011-2816 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-u62y-6b55-aaah
Aliases: CVE-2013-5198 |
WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-u8dt-83h5-aaah
Aliases: CVE-2011-0111 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-uhmb-ywwk-aaad
Aliases: CVE-2014-1389 |
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
Affected by 26 other vulnerabilities. |
|
VCID-uvwn-zuar-aaak
Aliases: CVE-2011-0165 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-v12h-dpeq-aaae
Aliases: CVE-2014-1301 |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. |
Affected by 26 other vulnerabilities. |
|
VCID-v7zh-akh6-aaaj
Aliases: CVE-2011-1288 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-v8km-3qfe-aaac
Aliases: CVE-2011-3021 |
Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading. |
Affected by 26 other vulnerabilities. |
|
VCID-v8mj-us2h-aaan
Aliases: CVE-2014-4413 |
WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
Affected by 26 other vulnerabilities. |
|
VCID-v9nd-gmns-aaad
Aliases: CVE-2014-1367 |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
Affected by 26 other vulnerabilities. |
|
VCID-vbga-hnau-aaas
Aliases: CVE-2011-0143 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-vbn4-57zv-aaas
Aliases: CVE-2012-3680 |
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
Affected by 26 other vulnerabilities. |
|
VCID-vekk-ddyu-aaac
Aliases: CVE-2015-5801 |
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-vh13-vjmk-aaag
Aliases: CVE-2012-3675 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-vk67-fvq3-aaam
Aliases: CVE-2011-1800 |
Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome before 11.0.696.68 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-vkz3-f3ya-aaad
Aliases: CVE-2011-3878 |
Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization. |
Affected by 26 other vulnerabilities. |
|
VCID-vmbs-m63h-aaam
Aliases: CVE-2011-0160 |
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header. |
Affected by 26 other vulnerabilities. |
|
VCID-vmn8-42x2-aaaj
Aliases: CVE-2011-1200 |
Google Chrome before 10.0.648.127 does not properly perform a cast of an unspecified variable during text rendering, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. |
Affected by 26 other vulnerabilities. |
|
VCID-vr85-khtj-aaap
Aliases: CVE-2014-4476 |
WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479. |
Affected by 26 other vulnerabilities. |
|
VCID-vrh7-yepq-aaae
Aliases: CVE-2011-0235 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-vt6r-2fbp-aaan
Aliases: CVE-2012-3676 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-vtp3-vcnq-aaan
Aliases: CVE-2012-3648 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-vwkx-dbqb-aaac
Aliases: CVE-2014-4466 |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
Affected by 26 other vulnerabilities. |
|
VCID-vyec-xj2t-aaan
Aliases: CVE-2014-1269 |
WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. |
Affected by 26 other vulnerabilities. |
|
VCID-w17y-9mnj-aaam
Aliases: CVE-2012-3711 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
Affected by 26 other vulnerabilities. |
|
VCID-w569-ugpk-aaah
Aliases: CVE-2011-0225 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-w6fj-papr-aaan
Aliases: CVE-2014-1338 |
CVE-2014-1338 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-w76q-gu7u-aaah
Aliases: CVE-2014-1325 |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
Affected by 26 other vulnerabilities. |
|
VCID-w9d9-gjey-aaaa
Aliases: CVE-2014-1304 |
CVE-2014-1304 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-w9ns-rwfg-aaac
Aliases: CVE-2014-1329 |
CVE-2014-1329 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-wg38-7dg1-aaag
Aliases: CVE-2011-0222 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-wjzv-dam9-aaae
Aliases: CVE-2011-2809 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-wk9s-b1ck-aaac
Aliases: CVE-2013-1004 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-wrku-n7yk-aaae
Aliases: CVE-2013-0991 |
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
Affected by 26 other vulnerabilities. |
|
VCID-wwwz-cmcc-aaas
Aliases: CVE-2011-0147 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-x152-e4v2-aaam
Aliases: CVE-2011-1416 |
The Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. |
Affected by 26 other vulnerabilities. |
|
VCID-x3dv-z8zy-aaar
Aliases: CVE-2010-2646 |
Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspecified impact and remote attack vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-x3y7-p9bs-aaap
Aliases: CVE-2014-1302 |
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. |
Affected by 26 other vulnerabilities. |
|
VCID-xad5-mmvj-aaab
Aliases: CVE-2013-1012 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via vectors involving IFRAME elements. |
Affected by 26 other vulnerabilities. |
|
VCID-xm4u-p596-aaah
Aliases: CVE-2011-0142 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-xsg4-yqsm-aaad
Aliases: CVE-2011-1199 |
Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-xtrv-jxj4-aaab
Aliases: CVE-2012-5112 |
Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 22.0.1229.94, allows remote attackers to execute arbitrary code via unspecified vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-xu7c-k37t-aaah
Aliases: CVE-2010-3817 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) 3D transforms, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-y25e-59r6-aaae
Aliases: CVE-2011-0153 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-y7ct-2xcb-aaaf
Aliases: CVE-2015-1081 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-y8nq-wfsf-aaas
Aliases: CVE-2011-0233 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-ybzv-941n-aaag
Aliases: CVE-2014-4470 |
WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
Affected by 26 other vulnerabilities. |
|
VCID-yc87-kvhg-aaac
Aliases: CVE-2010-3826 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of colors in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-ydpg-g6k9-aaan
Aliases: CVE-2011-1301 |
Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-ye46-5q99-aaae
Aliases: CVE-2011-1801 |
Unspecified vulnerability in Google Chrome before 11.0.696.71 allows remote attackers to bypass the pop-up blocker via unknown vectors. |
Affected by 26 other vulnerabilities. |
|
VCID-yfjp-5uw2-aaam
Aliases: CVE-2014-1386 |
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
Affected by 26 other vulnerabilities. |
|
VCID-ygds-kspg-aaae
Aliases: CVE-2011-0161 |
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle the Attr.style accessor, which allows remote attackers to bypass the Same Origin Policy and inject Cascading Style Sheets (CSS) token sequences via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-ygfg-7fag-aaaa
Aliases: CVE-2011-1453 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-yhns-v3f3-aaag
Aliases: CVE-2011-0117 |
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
Affected by 26 other vulnerabilities. |
|
VCID-yuba-72dr-aaac
Aliases: CVE-2015-3658 |
The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-yvp7-wnmc-aaac
Aliases: CVE-2010-4042 |
Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements." |
Affected by 26 other vulnerabilities. |
|
VCID-z111-z62m-aaap
Aliases: CVE-2014-1337 |
CVE-2014-1337 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-z4rp-bpur-aaah
Aliases: CVE-2011-1797 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
Affected by 26 other vulnerabilities. |
|
VCID-z74h-7h7w-aaag
Aliases: CVE-2010-3808 |
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
Affected by 26 other vulnerabilities. |
|
VCID-z93x-h7zt-aaab
Aliases: CVE-2014-1388 |
WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
Affected by 26 other vulnerabilities. |
|
VCID-zagm-nd1j-aaap
Aliases: CVE-2011-2356 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
|
VCID-zags-qxzr-aaaa
Aliases: CVE-2015-1071 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-zccg-bvxx-aaan
Aliases: CVE-2014-1368 |
WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
Affected by 26 other vulnerabilities. |
|
VCID-zfj5-337e-aaah
Aliases: CVE-2014-1342 |
CVE-2014-1342 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
Affected by 26 other vulnerabilities. |
|
VCID-zq4p-1q6q-aaag
Aliases: CVE-2011-2829 |
Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving uniform arrays. |
Affected by 26 other vulnerabilities. |
|
VCID-zqk2-6qhn-aaan
Aliases: CVE-2015-3731 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-zycf-5kkv-aaan
Aliases: CVE-2011-1189 |
Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." |
Affected by 26 other vulnerabilities. |
|
VCID-zye8-ph3g-aaar
Aliases: CVE-2013-0961 |
WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0960. |
Affected by 26 other vulnerabilities. |
|
VCID-zyys-xy4m-aaas
Aliases: CVE-2011-2814 |
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
Affected by 26 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|