Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Apple Subscribe
Filtered by product Webkit

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-7006 1 Apple 4 Iphone Os, Safari, Tvos and 1 more 2019-10-03 2.6 LOW 5.3 MEDIUM
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct a timing side-channel attack to bypass the Same Origin Policy and obtain sensitive information via a crafted web site that uses SVG filters.
CVE-2017-7038 1 Apple 4 Iphone Os, Safari, Tvos and 1 more 2019-03-25 4.3 MEDIUM 6.1 MEDIUM
A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
CVE-2016-4592 2 Apple, Webkitgtk 5 Iphone Os, Safari, Tvos and 2 more 2019-03-20 7.1 HIGH 6.5 MEDIUM
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site.
CVE-2016-4587 1 Apple 3 Iphone Os, Tvos, Webkit 2019-03-19 4.3 MEDIUM 6.5 MEDIUM
WebKit in Apple iOS before 9.3.3 and tvOS before 9.2.2 allows remote attackers to obtain sensitive information from uninitialized process memory via a crafted web site.
CVE-2016-4585 1 Apple 4 Iphone Os, Safari, Tvos and 1 more 2019-03-18 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to inject arbitrary web script or HTML via an HTTP response specifying redirection that is mishandled by Safari.
CVE-2016-4590 1 Apple 3 Iphone Os, Safari, Webkit 2018-10-09 4.3 MEDIUM 5.4 MEDIUM
WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.