Search for packages
| purl | pkg:deb/ubuntu/webkitgtk@2.4.9-2ubuntu2 |
| Next non-vulnerable version | 2.4.10-0ubuntu0.14.04.1 |
| Latest non-vulnerable version | 2.4.10-0ubuntu1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1scq-4ve9-aaag
Aliases: CVE-2015-3727 |
WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-2r92-t3f5-aaag
Aliases: CVE-2015-1120 |
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-2u1v-dhvp-aaas
Aliases: CVE-2015-3745 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-2vay-775q-aaam
Aliases: CVE-2015-1153 |
WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2015-1152 and CVE-2015-1154. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-46f4-w43k-aaas
Aliases: CVE-2015-3749 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-4k1m-nw8b-aaab
Aliases: CVE-2015-5928 |
WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-10-21-1, APPLE-SA-2015-10-21-3, and APPLE-SA-2015-10-21-5. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-4ncp-4xvg-aaab
Aliases: CVE-2015-3743 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-9r4j-jee6-aaad
Aliases: CVE-2015-1155 |
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-ay9a-3aaq-aaae
Aliases: CVE-2015-5809 |
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-bgau-5pgw-aaaq
Aliases: CVE-2015-1127 |
The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-c7z6-wag5-aaaq
Aliases: CVE-2015-3659 |
The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-dn9p-m64n-aaac
Aliases: CVE-2015-1122 |
WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-SA-2015-04-08-4. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-gxvr-nz2t-aaad
Aliases: CVE-2015-3752 |
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive information via vectors involving (1) a cross-origin request or (2) a private-browsing request. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-n129-8y4q-aaam
Aliases: CVE-2015-3741 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-n6dg-m9pu-aaaq
Aliases: CVE-2015-3747 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-pd23-r1v8-aaaa
Aliases: CVE-2015-1076 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-pq8a-y1ac-aaaj
Aliases: CVE-2015-5794 |
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-scux-psag-aaae
Aliases: CVE-2015-5788 |
The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-seg7-ppr4-aaaj
Aliases: CVE-2015-5822 |
WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-snvs-29mq-aaah
Aliases: CVE-2015-3748 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-sur1-ngrj-aaak
Aliases: CVE-2015-1083 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-vekk-ddyu-aaac
Aliases: CVE-2015-5801 |
WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and APPLE-SA-2015-09-16-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-y7ct-2xcb-aaaf
Aliases: CVE-2015-1081 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-yuba-72dr-aaac
Aliases: CVE-2015-3658 |
The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-zags-qxzr-aaaa
Aliases: CVE-2015-1071 |
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-zqk2-6qhn-aaan
Aliases: CVE-2015-3731 |
WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-15vb-43w8-aaaj | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling. |
CVE-2011-3017
|
| VCID-19g5-1x5f-aaas | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0948
|
| VCID-1aay-wzuu-aaar | html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108. |
CVE-2012-5851
|
| VCID-1bqb-v92t-aaak | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3632
|
| VCID-1dcp-6t62-aaab | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0954
|
| VCID-1gf3-zbc8-aaag | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3685
|
| VCID-1hgk-1xrh-aaaj | WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0961. |
CVE-2013-0960
|
| VCID-1jhx-s5ek-aaah | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2339
|
| VCID-1jwh-repz-aaae | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0237
|
| VCID-1m1u-jhpy-aaac | Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. |
CVE-2011-1290
|
| VCID-1uay-6sed-aaac | WebKit, as used in Apple iTunes before 10.2 on Windows and Apple iOS, does not properly implement the .sort function for JavaScript arrays, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0154
|
| VCID-1uf3-d6ug-aaar | Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows. |
CVE-2011-3243
|
| VCID-1uww-w5np-aaaq | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0223
|
| VCID-1vgk-b15t-aaap | WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. |
CVE-2014-1327
|
| VCID-1xqg-q8wm-aaaq | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3658
|
| VCID-1xz7-f4wj-aaaf | WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
CVE-2014-1365
|
| VCID-1zm5-32e7-aaaf | The Cascading Style Sheets (CSS) implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
CVE-2010-2651
|
| VCID-23az-7dve-aaan | WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
CVE-2014-4412
|
| VCID-23bw-ztf7-aaaa | Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "document script lifetime handling." |
CVE-2011-1195
|
| VCID-29dt-2tvt-aaab | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-1006
|
| VCID-2bbx-hwwx-aaam | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) boxes, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
CVE-2010-3819
|
| VCID-2c62-ca8z-aaac | translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network. |
CVE-2011-3022
|
| VCID-2dnh-6kfq-aaab | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0218
|
| VCID-2g2m-ssba-aaag | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0129
|
| VCID-2gny-hrae-aaad | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3647
|
| VCID-2mu1-6nqt-aaab | XSS Auditor in WebKit in Apple Safari before 6.0.5 does not properly rewrite URLs, which allows remote attackers to trigger unintended form submissions via unspecified vectors. |
CVE-2013-1013
|
| VCID-2pem-tzm4-aaam | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses an uninitialized pointer during processing of Cascading Style Sheets (CSS) counter styles, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
CVE-2010-3822
|
| VCID-2uy9-1qaz-aaar | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3627
|
| VCID-2wdx-g43m-aaaq | WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
CVE-2014-4474
|
| VCID-31he-2tqr-aaap | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0152
|
| VCID-34tf-qwyt-aaar | Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors. |
CVE-2011-3887
|
| VCID-35hy-nks5-aaac | Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557. |
CVE-2011-1059
|
| VCID-368a-1ru4-aaad | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3602
|
| VCID-36mv-q3sa-aaaj | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the :first-letter pseudo-element in a Cascading Style Sheets (CSS) token sequence, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. |
CVE-2010-3821
|
| VCID-36th-s6e5-aaae | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0952
|
| VCID-3ee5-mrbw-aaab | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0144
|
| VCID-3gww-djvr-aaap | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3705
|
| VCID-3hb3-ddaz-aaad | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3626
|
| VCID-3hmv-sdeg-aaar | CVE-2014-1331 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1331
|
| VCID-3jrq-qfs1-aaag | Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue." |
CVE-2013-2268
|
| VCID-3m7w-z5cb-aaaq | CVE-2014-1346 webkitgtk: improper Unicode encoding interpretation (WSA-2015-0001) |
CVE-2014-1346
|
| VCID-3pdy-gjg9-aaae | Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. |
CVE-2011-1302
|
| VCID-3pz1-1j1h-aaam | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0128
|
| VCID-3qfj-end3-aaaq | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box. |
CVE-2011-2823
|
| VCID-3qjj-843a-aaam | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the History object, which allows remote attackers to spoof the location bar's URL or add URLs to the history via a cross-origin attack. |
CVE-2010-3810
|
| VCID-3t16-hjsq-aaap | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3704
|
| VCID-3trn-d2hp-aaaj | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1269 and CVE-2014-1270. |
CVE-2014-1268
|
| VCID-3ubx-6ja4-aaab | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0114
|
| VCID-3xu6-89z9-aaab | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-1457
|
| VCID-3y1t-ukvn-aaaq | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3616
|
| VCID-3zdm-jdxf-aaam | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0141
|
| VCID-42k4-yy96-aaaa | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0127
|
| VCID-43h3-hd8p-aaas | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-1003
|
| VCID-45hk-w77b-aaae | Heap-based buffer overflow in the Web Audio implementation in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
CVE-2011-3889
|
| VCID-468b-fyky-aaac | Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate. |
CVE-2011-3024
|
| VCID-4dfx-4jqg-aaac | Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs. |
CVE-2011-1191
|
| VCID-4ehg-vch9-aaae | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0164
|
| VCID-4g28-key4-aaam | Google Chrome before 10.0.648.127 does not prevent (1) navigation and (2) close operations on the top location of a sandboxed frame, which has unspecified impact and remote attack vectors. |
CVE-2011-1185
|
| VCID-4hhg-8h48-aaae | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0112
|
| VCID-4j3a-f68x-aaar | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2338
|
| VCID-4j68-aq1f-aaan | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0138
|
| VCID-4mzs-x1zx-aaab | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1269. |
CVE-2014-1270
|
| VCID-4n9w-rv5d-aaan | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-3237
|
| VCID-4u5f-xtye-aaad | Google Chrome before 10.0.648.127 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
CVE-2011-1188
|
| VCID-4yju-ra81-aaaa | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3670
|
| VCID-55td-5hvb-aaap | WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly parse HTML elements associated with document namespaces, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to a "dangling pointer" and iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0149
|
| VCID-56gs-j25m-aaag | WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1009. |
CVE-2013-1023
|
| VCID-5cq3-v7rs-aaam | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving a URL that contains a username. |
CVE-2011-0242
|
| VCID-5dqz-2tky-aaae | Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.157 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. |
CVE-2011-3420
|
| VCID-5q3a-d4ea-aaad | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0123
|
| VCID-5r5h-799q-aaap | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0956
|
| VCID-5vcd-up3m-aaas | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0958
|
| VCID-5vdc-4w9j-aaaa | WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
CVE-2014-4473
|
| VCID-5wgu-1q46-aaas | The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products does not verify whether DNS prefetching is enabled when processing an HTML LINK element, which allows remote attackers to bypass intended access restrictions, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality. |
CVE-2010-3813
|
| VCID-5xxn-a3dd-aaaq | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3651
|
| VCID-63c3-cucz-aaam | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3652
|
| VCID-64k6-ewa2-aaaj | WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
CVE-2013-5197
|
| VCID-66ca-udkd-aaaj | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3707
|
| VCID-67w4-s8h1-aaar | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0953
|
| VCID-686s-qz7c-aaac | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3660
|
| VCID-6e8p-uvm8-aaae | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0113
|
| VCID-6ew8-q618-aaad | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of inline styling, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
CVE-2010-3809
|
| VCID-6eyp-kxrg-aaak | Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string. |
CVE-2010-3803
|
| VCID-6k6g-xbdt-aaae | Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors. |
CVE-2010-2900
|
| VCID-6kye-m9qn-aaah | WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
CVE-2014-4410
|
| VCID-6mj9-u1rs-aaaj | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Geolocation objects. NOTE: this might overlap CVE-2010-3415. |
CVE-2010-3823
|
| VCID-6ms3-2xj8-aaaq | Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows remote attackers to spoof https connections by placing this character in the TITLE element of a web page. |
CVE-2012-3742
|
| VCID-6ttd-jj6j-aaap | WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
CVE-2014-4414
|
| VCID-6upd-vngk-aaaq | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes. |
CVE-2011-2824
|
| VCID-6zwe-bv5t-aaad | The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary local files from a client computer, via a crafted web site. |
CVE-2011-0167
|
| VCID-7arb-xjrt-aaad | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0130
|
| VCID-7bfm-7436-aaap | The WebSockets implementation in Google Chrome before 6.0.472.53 does not properly handle integer values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
CVE-2010-3254
|
| VCID-7drk-jqs9-aaam | CVE-2014-1299 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1299
|
| VCID-7fge-85yh-aaag | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0234
|
| VCID-7g6x-ppts-aaab | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0951
|
| VCID-7p5z-d5zr-aaar | CVE-2014-1326 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1326
|
| VCID-7tzu-4au6-aaaj | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching. |
CVE-2011-2827
|
| VCID-7y19-au46-aaae | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0135
|
| VCID-7y9d-kgtn-aaaf | Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
CVE-2011-3015
|
| VCID-7yjg-4ehs-aaad | WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
CVE-2013-5225
|
| VCID-82j1-2tcg-aaaj | WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
CVE-2014-4468
|
| VCID-82vd-4up3-aaag | CVE-2014-1336 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1336
|
| VCID-83b4-j92e-aaaf | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3692
|
| VCID-83nv-szn3-aaad | WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4479. |
CVE-2014-4477
|
| VCID-87cj-q39u-aaaj | WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4477. |
CVE-2014-4479
|
| VCID-8awz-k8b2-aaaa | Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
CVE-2011-3025
|
| VCID-8fpa-uk7e-aaak | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2815
|
| VCID-8j2u-t7c3-aaah | Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
CVE-2011-1192
|
| VCID-8m41-cs48-aaan | WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. |
CVE-2012-3747
|
| VCID-8pj5-r7gj-aaaj | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0119
|
| VCID-8q54-pej7-aaaq | WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly access glyph data during layout actions for floating blocks associated with pseudo-elements, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0133
|
| VCID-8qf9-emv4-aaah | WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
CVE-2013-5228
|
| VCID-8qh4-51dj-aaad | WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
CVE-2014-4469
|
| VCID-8s4z-hca3-aaae | WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
CVE-2014-4472
|
| VCID-8t99-u7pz-aaar | rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
CVE-2011-1804
|
| VCID-8wdn-8s8a-aaah | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3673
|
| VCID-8x5g-afjx-aaas | Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to DOM manipulations during iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0116
|
| VCID-8yvq-va6m-aaaj | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0155
|
| VCID-8zb9-4xpy-aaag | WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
CVE-2014-1390
|
| VCID-95nc-shq4-aaap | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0124
|
| VCID-95rm-pxg9-aaam | WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. |
CVE-2012-0672
|
| VCID-99ws-1zqx-aaas | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0950
|
| VCID-9e6c-xu8c-aaap | WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
CVE-2014-1362
|
| VCID-9ec9-ewxt-aaam | WebKit in Google Chrome before 25.0.1364.160 allows remote attackers to execute arbitrary code via vectors that leverage "type confusion." |
CVE-2013-0912
|
| VCID-9h1n-6yzj-aaaa | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0254
|
| VCID-9j8k-ke78-aaan | WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element. |
CVE-2014-4465
|
| VCID-9k1n-35tz-aaae | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-0999
|
| VCID-9pvn-m8qm-aaag | WebKit, as used in Apple iOS before 8.1.3, does not properly determine scrollbar boundaries during the rendering of FRAME elements, which allows remote attackers to spoof the UI via a crafted web site. |
CVE-2014-4467
|
| VCID-9py1-ryyq-aaad | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3700
|
| VCID-9q85-xf9x-aaap | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data. |
CVE-2011-3885
|
| VCID-9sbe-ruat-aaam | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0134
|
| VCID-9u4r-cyhr-aaam | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3601
|
| VCID-a19c-ve8d-aaab | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses uninitialized memory during processing of editable elements, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
CVE-2010-3820
|
| VCID-a1t2-qh3j-aaan | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2811
|
| VCID-a928-9r2t-aaap | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2817
|
| VCID-a9n8-hr9c-aaan | Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts. |
CVE-2011-2825
|
| VCID-aagp-2zum-aaaq | CVE-2014-1344 webkitgtk: arbitrary code execution and denial of service |
CVE-2014-1344
|
| VCID-aex4-vvx3-aaak | WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
CVE-2013-5199
|
| VCID-ajgj-cdhb-aaae | Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file. |
CVE-2011-3019
|
| VCID-anft-ec3k-aaaq | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0145
|
| VCID-anhj-c5pq-aaas | Google Chrome before 15.0.874.102 does not properly handle history data, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors. |
CVE-2011-2845
|
| VCID-aptf-d6xj-aaaq | WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
CVE-2013-5195
|
| VCID-art8-kvby-aaag | WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1. |
CVE-2014-1324
|
| VCID-asqd-a1m8-aaae | The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code. |
CVE-2011-1691
|
| VCID-awhh-k48w-aaaq | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3709
|
| VCID-axmy-yhjt-aaaj | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3604
|
| VCID-az83-w28d-aaar | Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing practices for GNOME desktop integration. |
CVE-2013-7324
|
| VCID-b6gv-qcka-aaaj | CVE-2014-1339 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1339
|
| VCID-bfn9-86uk-aaam | CVE-2014-1313 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1313
|
| VCID-bgpz-h4qc-aaae | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. |
CVE-2010-3816
|
| VCID-bnuz-w4zj-aaar | WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
CVE-2014-4475
|
| VCID-bpdk-zr6h-aaag | CVE-2014-1341 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1341
|
| VCID-bwrv-nq6a-aaam | WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4452. |
CVE-2014-4462
|
| VCID-bxp4-565s-aaad | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3612
|
| VCID-byfz-p9gv-aaah | WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
CVE-2014-1384
|
| VCID-c1u6-1g44-aaas | Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors. |
CVE-2011-3020
|
| VCID-c7mg-kjx3-aaam | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-0992
|
| VCID-c82h-mkm3-aaag | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0148
|
| VCID-ca78-se1t-aaab | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3622
|
| VCID-ch2j-dfsb-aaar | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0150
|
| VCID-crre-f99t-aaan | Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving WebSockets. NOTE: this may overlap CVE-2010-3254. |
CVE-2010-3805
|
| VCID-cvxy-av8h-aaaq | WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
CVE-2014-1387
|
| VCID-cxd2-eu3j-aaad | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-3238
|
| VCID-cz4g-wr5k-aaad | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3674
|
| VCID-czcn-5fcg-aaab | WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an __proto__ property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function. |
CVE-2011-3881
|
| VCID-d2ss-n3bs-aaaa | Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
CVE-2011-1799
|
| VCID-d689-b327-aaam | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3613
|
| VCID-d8pp-saf5-aaag | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3655
|
| VCID-d8re-vs15-aaag | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3702
|
| VCID-dbcg-eruf-aaad | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0122
|
| VCID-dera-ktwy-aaac | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3623
|
| VCID-df2q-serx-aaaj | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3710
|
| VCID-dfmp-76gc-aaar | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-1462
|
| VCID-dk37-rw7t-aaah | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-0998
|
| VCID-dn4j-a39t-aaad | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving inline text boxes. |
CVE-2010-3818
|
| VCID-dn6b-1vpz-aaaj | WebKit in Apple Safari before 5.0.6 allows user-assisted remote attackers to read arbitrary files via vectors related to improper canonicalization of URLs within RSS feeds. |
CVE-2011-0244
|
| VCID-dp5c-n5hh-aaam | WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
CVE-2014-1366
|
| VCID-dpv3-1nzm-aaan | CVE-2014-1297 webkitgtk: improper WebProcess IPC messages validation (WSA-2015-0001) |
CVE-2014-1297
|
| VCID-dtme-3f9x-aaaq | Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors related to improper list management for Cascading Style Sheets (CSS) @font-face rules. |
CVE-2011-3443
|
| VCID-dzbu-f62j-aaan | Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. |
CVE-2011-3027
|
| VCID-e217-zaag-aaah | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0253
|
| VCID-e438-p19h-aaad | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0137
|
| VCID-ear9-xnw4-aaar | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3615
|
| VCID-ehd7-wkhx-aaae | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element attributes. |
CVE-2010-3811
|
| VCID-enaf-7qd4-aaar | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video source handling. |
CVE-2011-3890
|
| VCID-enxj-dyfw-aaab | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3607
|
| VCID-es89-z425-aaaq | WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle unspecified "cached resources," which allows remote attackers to cause a denial of service (resource unavailability) via a crafted web site that conducts a cache-poisoning attack. |
CVE-2011-0163
|
| VCID-escy-2xxt-aaah | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0240
|
| VCID-eza7-82j7-aaac | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-1007
|
| VCID-ffmj-bcrm-aaap | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0118
|
| VCID-fmhb-w5ey-aaah | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0140
|
| VCID-fmus-xjkx-aaaa | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-3233
|
| VCID-fr9u-r1vx-aaar | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0136
|
| VCID-fry2-z9kk-aaae | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3617
|
| VCID-ft98-ezyn-aaaf | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving SVG use elements. |
CVE-2010-3824
|
| VCID-fwk5-71yv-aaad | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0156
|
| VCID-fzzt-1g5d-aaan | The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page, as demonstrated by certain WebGL performance tests, aka rdar problem 11520387. |
CVE-2012-2819
|
| VCID-g1r5-nhma-aaag | WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
CVE-2014-1363
|
| VCID-g3dh-334r-aaar | Google Chrome before 13.0.782.215 allows remote attackers to bypass the Same Origin Policy via vectors related to empty origins. |
CVE-2011-2826
|
| VCID-g3pw-gxca-aaan | Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Text objects. |
CVE-2010-3812
|
| VCID-g3v5-d4ru-aaaq | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0968
|
| VCID-g5zb-a5wk-aaag | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3669
|
| VCID-g86a-hs5a-aaaq | WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. |
CVE-2014-1312
|
| VCID-g8dq-n4fw-aaar | WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site. |
CVE-2014-1345
|
| VCID-g9ne-xw7e-aaae | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3706
|
| VCID-gbnh-rqgf-aaag | WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
CVE-2013-5196
|
| VCID-gjf2-s97n-aaag | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0959
|
| VCID-gjyx-wr2y-aaaa | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-0994
|
| VCID-gqp8-5yae-aaab | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-1011
|
| VCID-gtsg-r4ka-aaaq | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-1010
|
| VCID-h2mw-v364-aaak | WebKit, as used in Apple Safari before 6.1.5 and 7.x before 7.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1. |
CVE-2014-1340
|
| VCID-h8kk-aap7-aaaq | WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
CVE-2014-1385
|
| VCID-h95v-jnh7-aaan | CVE-2014-1309 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1309
|
| VCID-haqz-wte9-aaaa | Multiple unspecified vulnerabilities in Google Chrome before 14.0.835.125 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. |
CVE-2011-3421
|
| VCID-hay6-j437-aaab | Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document. |
CVE-2014-4459
|
| VCID-hdp3-b2j3-aaaq | Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages. |
CVE-2010-1824
|
| VCID-hgx5-cc2w-aaak | CVE-2014-1334 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1334
|
| VCID-hju4-uhhb-aaag | The HTML5 drag and drop functionality in WebKit in Apple Safari before 5.0.4 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via vectors related to the dragging of content. NOTE: this might overlap CVE-2011-0778. |
CVE-2011-0166
|
| VCID-hk2f-yuua-aaag | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-1001
|
| VCID-hkgx-851u-aaae | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations. |
CVE-2011-3023
|
| VCID-hn3j-1zpy-aaap | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3614
|
| VCID-hpkq-hxb4-aaaa | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3708
|
| VCID-htyd-y81n-aaaq | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2354
|
| VCID-hv83-urcj-aaaf | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3688
|
| VCID-hw5m-d9fa-aaaq | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-1008
|
| VCID-hxra-nu72-aaar | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0146
|
| VCID-j11k-6z27-aaap | CVE-2014-1333 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1333
|
| VCID-j1vh-53md-aaaf | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3699
|
| VCID-j3r4-p65g-aaac | CVE-2014-1330 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1330
|
| VCID-j4yb-168b-aaad | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3687
|
| VCID-jjzq-qhcz-aaae | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counters. |
CVE-2011-3883
|
| VCID-jmw6-njsa-aaac | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-3244
|
| VCID-jxxm-hr6r-aaas | WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2013-1023. |
CVE-2013-1009
|
| VCID-jy4z-1e16-aaah | Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 6.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted content that is not properly handled during a copy-and-paste operation. |
CVE-2013-0962
|
| VCID-jzba-73pd-aaam | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0131
|
| VCID-k1fj-dand-aaaj | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3671
|
| VCID-k8e4-8417-aaad | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3624
|
| VCID-k8fn-4xv7-aaad | CVE-2014-1298 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1298
|
| VCID-kaxf-dgph-aaac | WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4462. |
CVE-2014-4452
|
| VCID-kcgp-sb15-aaab | WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
CVE-2014-4411
|
| VCID-kjba-seen-aaae | CVE-2014-1307 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1307
|
| VCID-kk6x-nu5y-aaac | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2831
|
| VCID-kk94-bj32-aaab | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-3236
|
| VCID-ks1k-kjgs-aaac | Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger an out-of-bounds write. |
CVE-2011-1807
|
| VCID-kwkd-4hp1-aaab | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3649
|
| VCID-mbns-mbtn-aaag | Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
CVE-2011-1203
|
| VCID-mdnx-sezr-aaaj | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0955
|
| VCID-mgsb-y9v8-aaaa | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3684
|
| VCID-mwuf-svw8-aaas | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0221
|
| VCID-mx49-wjm2-aaam | WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
CVE-2014-4471
|
| VCID-n4hy-1p13-aaas | The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, uses a weak algorithm for generating values of random numbers, which makes it easier for remote attackers to track a user by predicting a value, a related issue to CVE-2008-5913 and CVE-2010-3171. |
CVE-2010-3804
|
| VCID-n53k-n27d-aaan | Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
CVE-2011-1197
|
| VCID-n61x-kjq2-aaab | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3628
|
| VCID-n92a-9ad5-aaaf | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3621
|
| VCID-ncm7-9mvh-aaan | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3677
|
| VCID-ncvy-f4dz-aaan | WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to CVE-2010-3813. |
CVE-2010-3829
|
| VCID-nd1m-uwfr-aaam | Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to bypass the pop-up blocker via unknown vectors. |
CVE-2011-1194
|
| VCID-njhr-w6u1-aaab | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0238
|
| VCID-nvqp-4p3p-aaaq | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-3235
|
| VCID-nzr3-memz-aaac | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0168
|
| VCID-p8fq-e5re-aaad | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3657
|
| VCID-p8gj-bryk-aaap | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in. |
CVE-2011-3888
|
| VCID-p8v3-29aq-aaaj | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2820
|
| VCID-p9yh-4etj-aaad | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3656
|
| VCID-pbzw-hzu5-aaam | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0125
|
| VCID-pg4k-qu1q-aaaj | WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-01-28-1. |
CVE-2013-0949
|
| VCID-pjt5-aejp-aaaq | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0255
|
| VCID-ppb4-akae-aaab | The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." |
CVE-2011-1201
|
| VCID-ppza-cnrn-aaah | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0151
|
| VCID-prdk-juuy-aaad | The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." |
CVE-2011-1190
|
| VCID-prgf-u1wg-aaam | Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0132
|
| VCID-ptdj-dt98-aaar | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3712
|
| VCID-pyh5-4yf5-aaaq | WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. |
CVE-2014-1310
|
| VCID-pysq-w6w2-aaan | CVE-2014-1305 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1305
|
| VCID-q5xt-8f8u-aaaj | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3659
|
| VCID-qdfn-w6az-aaas | CVE-2014-1308 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1308
|
| VCID-qh5b-crv2-aaaj | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3645
|
| VCID-qjt8-4jx5-aaaa | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2341
|
| VCID-qkhc-91ks-aaad | WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
CVE-2014-4415
|
| VCID-qnhd-pwfd-aaae | WebKit in Apple Safari before 5.1.4 does not properly implement "From third parties and advertisers" cookie blocking, which makes it easier for remote web servers to track users via a cookie. |
CVE-2012-0640
|
| VCID-qrct-86p5-aaan | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3598
|
| VCID-qvd5-7z4y-aaaa | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3701
|
| VCID-qymh-hnm8-aaaf | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-0997
|
| VCID-r1ry-gnty-aaab | The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0115
|
| VCID-r6k5-2na4-aaae | Google Chrome before 5.0.375.127 does not properly implement the Geolocation feature, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
CVE-2010-3120
|
| VCID-r83t-2man-aaan | WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
CVE-2014-1364
|
| VCID-r8d8-j898-aaaa | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3611
|
| VCID-rchy-k5pg-aaam | CVE-2014-1323 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1323
|
| VCID-rfbt-d56g-aaae | Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document. |
CVE-2011-1204
|
| VCID-rgdr-vvj8-aaas | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3703
|
| VCID-rh4d-tffz-aaaf | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-1005
|
| VCID-rjw9-b2ny-aaap | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0121
|
| VCID-rkby-g2s1-aaah | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-0996
|
| VCID-rmbk-b1cq-aaap | Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering. |
CVE-2011-3018
|
| VCID-rs66-94tw-aaad | Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. |
CVE-2012-0695
|
| VCID-ruvb-azkv-aaaa | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-0993
|
| VCID-rxpq-rjjw-aaaj | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2352
|
| VCID-s3wc-63cg-aaas | WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi. |
CVE-2011-4692
|
| VCID-s64b-gguk-aaae | WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the window.console._inspectorCommandLineAPI property, which allows user-assisted remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted web site. |
CVE-2011-0169
|
| VCID-s9rw-mew4-aaad | Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
CVE-2011-1806
|
| VCID-scna-93dk-aaab | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-0995
|
| VCID-sg8m-jrcj-aaag | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0126
|
| VCID-spts-frdk-aaaa | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-3239
|
| VCID-srtu-vsq9-aaag | CVE-2014-1311 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1311
|
| VCID-svn8-nuv4-aaad | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue. |
CVE-2011-3016
|
| VCID-svwv-cg39-aaaf | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3654
|
| VCID-swsj-m6vb-aaap | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0120
|
| VCID-sxz7-m7vs-aaam | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3672
|
| VCID-t3gm-hcdk-aaap | CVE-2014-1343 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1343
|
| VCID-t3uz-cghj-aaaq | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-1000
|
| VCID-t476-me14-aaag | WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header. |
CVE-2012-0647
|
| VCID-t6fz-jy2q-aaad | Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays. |
CVE-2012-3748
|
| VCID-t8g7-f4ay-aaam | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3625
|
| VCID-tdzc-9asx-aaar | CVE-2014-1335 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1335
|
| VCID-tg63-q2at-aaad | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3643
|
| VCID-thgg-npvv-aaab | WebKit, as used in Apple iOS before 4.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-09-1. |
CVE-2011-0157
|
| VCID-tm15-uq7k-aaab | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0139
|
| VCID-tnne-j6y1-aaad | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-3241
|
| VCID-tr8c-vsua-aaaa | WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
CVE-2014-1382
|
| VCID-tre4-v58e-aaan | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2813
|
| VCID-ts3g-953q-aaan | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-1002
|
| VCID-ts52-9atz-aaae | Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011. |
CVE-2011-1344
|
| VCID-tt8h-uxn5-aaar | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3606
|
| VCID-ttst-2g7z-aaaq | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0232
|
| VCID-txs9-szd1-aaae | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2816
|
| VCID-u62y-6b55-aaah | WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1. |
CVE-2013-5198
|
| VCID-u8dt-83h5-aaah | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0111
|
| VCID-uhmb-ywwk-aaad | WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
CVE-2014-1389
|
| VCID-uvwn-zuar-aaak | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0165
|
| VCID-v12h-dpeq-aaae | WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. |
CVE-2014-1301
|
| VCID-v7zh-akh6-aaaj | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-1288
|
| VCID-v8km-3qfe-aaac | Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading. |
CVE-2011-3021
|
| VCID-v8mj-us2h-aaan | WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and APPLE-SA-2014-09-17-2. |
CVE-2014-4413
|
| VCID-v9nd-gmns-aaad | WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
CVE-2014-1367
|
| VCID-vbga-hnau-aaas | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0143
|
| VCID-vbn4-57zv-aaas | WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
CVE-2012-3680
|
| VCID-vh13-vjmk-aaag | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3675
|
| VCID-vk67-fvq3-aaam | Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome before 11.0.696.68 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
CVE-2011-1800
|
| VCID-vkz3-f3ya-aaad | Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization. |
CVE-2011-3878
|
| VCID-vmbs-m63h-aaam | WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header. |
CVE-2011-0160
|
| VCID-vmn8-42x2-aaaj | Google Chrome before 10.0.648.127 does not properly perform a cast of an unspecified variable during text rendering, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. |
CVE-2011-1200
|
| VCID-vr85-khtj-aaap | WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479. |
CVE-2014-4476
|
| VCID-vrh7-yepq-aaae | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0235
|
| VCID-vt6r-2fbp-aaan | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3676
|
| VCID-vtp3-vcnq-aaan | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3648
|
| VCID-vwkx-dbqb-aaac | WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
CVE-2014-4466
|
| VCID-vyec-xj2t-aaan | WebKit, as used in Apple Safari before 6.1.2 and 7.x before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-1268 and CVE-2014-1270. |
CVE-2014-1269
|
| VCID-w17y-9mnj-aaam | WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. |
CVE-2012-3711
|
| VCID-w569-ugpk-aaah | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0225
|
| VCID-w6fj-papr-aaan | CVE-2014-1338 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1338
|
| VCID-w76q-gu7u-aaah | WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
CVE-2014-1325
|
| VCID-w9d9-gjey-aaaa | CVE-2014-1304 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1304
|
| VCID-w9ns-rwfg-aaac | CVE-2014-1329 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1329
|
| VCID-wg38-7dg1-aaag | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0222
|
| VCID-wjzv-dam9-aaae | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2809
|
| VCID-wk9s-b1ck-aaac | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-1004
|
| VCID-wrku-n7yk-aaae | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. |
CVE-2013-0991
|
| VCID-wwwz-cmcc-aaas | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0147
|
| VCID-x152-e4v2-aaam | The Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. |
CVE-2011-1416
|
| VCID-x3dv-z8zy-aaar | Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspecified impact and remote attack vectors. |
CVE-2010-2646
|
| VCID-x3y7-p9bs-aaap | WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1. |
CVE-2014-1302
|
| VCID-xad5-mmvj-aaab | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via vectors involving IFRAME elements. |
CVE-2013-1012
|
| VCID-xm4u-p596-aaah | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0142
|
| VCID-xsg4-yqsm-aaad | Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. |
CVE-2011-1199
|
| VCID-xtrv-jxj4-aaab | Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 22.0.1229.94, allows remote attackers to execute arbitrary code via unspecified vectors. |
CVE-2012-5112
|
| VCID-xu7c-k37t-aaah | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) 3D transforms, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
CVE-2010-3817
|
| VCID-y25e-59r6-aaae | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0153
|
| VCID-y8nq-wfsf-aaas | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-0233
|
| VCID-ybzv-941n-aaag | WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1. |
CVE-2014-4470
|
| VCID-yc87-kvhg-aaac | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of colors in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
CVE-2010-3826
|
| VCID-ydpg-g6k9-aaan | Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors. |
CVE-2011-1301
|
| VCID-ye46-5q99-aaae | Unspecified vulnerability in Google Chrome before 11.0.696.71 allows remote attackers to bypass the pop-up blocker via unknown vectors. |
CVE-2011-1801
|
| VCID-yfjp-5uw2-aaam | WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
CVE-2014-1386
|
| VCID-ygds-kspg-aaae | WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle the Attr.style accessor, which allows remote attackers to bypass the Same Origin Policy and inject Cascading Style Sheets (CSS) token sequences via a crafted web site. |
CVE-2011-0161
|
| VCID-ygfg-7fag-aaaa | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-1453
|
| VCID-yhns-v3f3-aaag | WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
CVE-2011-0117
|
| VCID-yvp7-wnmc-aaac | Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements." |
CVE-2010-4042
|
| VCID-z111-z62m-aaap | CVE-2014-1337 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1337
|
| VCID-z4rp-bpur-aaah | WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
CVE-2011-1797
|
| VCID-z74h-7h7w-aaag | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of editing commands, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site. |
CVE-2010-3808
|
| VCID-z93x-h7zt-aaab | WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in HT6367. |
CVE-2014-1388
|
| VCID-zagm-nd1j-aaap | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2356
|
| VCID-zccg-bvxx-aaan | WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-06-30-1, APPLE-SA-2014-06-30-3, and APPLE-SA-2014-06-30-4. |
CVE-2014-1368
|
| VCID-zfj5-337e-aaah | CVE-2014-1342 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001) |
CVE-2014-1342
|
| VCID-zq4p-1q6q-aaag | Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving uniform arrays. |
CVE-2011-2829
|
| VCID-zycf-5kkv-aaan | Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." |
CVE-2011-1189
|
| VCID-zye8-ph3g-aaar | WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0960. |
CVE-2013-0961
|
| VCID-zyys-xy4m-aaas | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. |
CVE-2011-2814
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|