Safari

safari

Vendor: Apple • 1,598 CVEs

CVEs (1,598)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-40779 1Apple 7Ipados Iphone OsMacos+4 more Apr 2, 2026 Jul 29, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Pro...Show more An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash.Show less
CVE-2024-40776 1Apple 7Ipados Iphone OsMacos+4 more Apr 2, 2026 Jul 29, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6....Show more A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process crash.Show less
CVE-2024-27851 1Apple 7Ipados Iphone OsMacos+4 more Apr 2, 2026 Jun 10, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 The issue was addressed with improved bounds checks. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing maliciously crafted web content may...Show more The issue was addressed with improved bounds checks. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing maliciously crafted web content may lead to arbitrary code execution.Show less
CVE-2024-27850 1Apple 5Ipados Iphone OsMacos+2 more Apr 2, 2026 Jun 10, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 This issue was addressed with improvements to the noise injection algorithm. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, visionOS 1.2. A maliciously crafted webpage may be able to fin...Show more This issue was addressed with improvements to the noise injection algorithm. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, visionOS 1.2. A maliciously crafted webpage may be able to fingerprint the user.Show less
CVE-2024-27844 1Apple 3Macos SafariVisionos Apr 2, 2026 Jun 10, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 The issue was addressed with improved checks. This issue is fixed in Safari 17.5, macOS Sonoma 14.5, visionOS 1.2. A website's permission dialog may persist after navigation away from the site.
CVE-2024-27838 1Apple 7Ipados Iphone OsMacos+4 more Apr 2, 2026 Jun 10, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The issue was addressed by adding additional logic. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. A maliciously craf...Show more The issue was addressed by adding additional logic. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. A maliciously crafted webpage may be able to fingerprint the user.Show less
CVE-2024-27833 1Apple 5Ipados Iphone OsSafari+2 more Apr 2, 2026 Jun 10, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An integer overflow was addressed with improved input validation. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, tvOS 17.5, visionOS 1.2. Processing maliciously crafted web co...Show more An integer overflow was addressed with improved input validation. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, tvOS 17.5, visionOS 1.2. Processing maliciously crafted web content may lead to arbitrary code execution.Show less
CVE-2024-27830 1Apple 7Ipados Iphone OsMacos+4 more Apr 2, 2026 Jun 10, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 This issue was addressed through improved state management. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. A maliciously crafted webpage may be abl...Show more This issue was addressed through improved state management. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. A maliciously crafted webpage may be able to fingerprint the user.Show less
CVE-2024-27820 1Apple 7Ipados Iphone OsMacos+4 more Apr 2, 2026 Jun 10, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 The issue was addressed with improved memory handling. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing web...Show more The issue was addressed with improved memory handling. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing web content may lead to arbitrary code execution.Show less
CVE-2024-27808 1Apple 7Ipados Iphone OsMacos+4 more Apr 2, 2026 Jun 10, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 The issue was addressed with improved memory handling. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing web content may lead to arbitrary...Show more The issue was addressed with improved memory handling. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing web content may lead to arbitrary code execution.Show less
CVE-2024-27834 4Apple FedoraprojectWebkitgtk+1 more 9Fedora IpadosIphone Os+6 more Apr 2, 2026 May 14, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and wr...Show more The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.Show less
CVE-2024-4558 3Apple FedoraprojectGoogle 6Chrome FedoraIpados+3 more Nov 4, 2025 May 7, 2024 N/A· v4 9.6 CRITICAL· v3 N/A· v2 Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-23271 1Apple 6Ipados Iphone OsMacos+3 more Apr 2, 2026 Apr 24, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A logic issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. A malicious website may cause unexpected cross-origin behavior.
CVE-2023-42956 1Apple 4Ipados Iphone OsMacos+1 more Nov 21, 2024 Mar 28, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service.
CVE-2023-42950 1Apple 6Ipados Iphone OsMacos+3 more Nov 3, 2025 Mar 28, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content m...Show more A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution.Show less
CVE-2024-23284 4Apple FedoraprojectWebkitgtk+1 more 10Fedora IpadosIphone Os+7 more Apr 2, 2026 Mar 8, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing...Show more A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.Show less
CVE-2024-23280 4Apple FedoraprojectWebkitgtk+1 more 9Fedora Ipad OsIphone Os+6 more Apr 2, 2026 Mar 8, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may be able to fingerprin...Show more An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may be able to fingerprint the user.Show less
CVE-2024-23273 1Apple 4Ipad Os Iphone OsMacos+1 more Apr 2, 2026 Mar 8, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication.
CVE-2024-23263 4Apple FedoraprojectWebkitgtk+1 more 10Fedora IpadosIphone Os+7 more Apr 2, 2026 Mar 8, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing malic...Show more A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.Show less
CVE-2024-23254 4Apple FedoraprojectWebkitgtk+1 more 10Fedora Ipad OsIphone Os+7 more Apr 2, 2026 Mar 8, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cro...Show more The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin.Show less

Previous 1...789...80 Next