Vulnerabilities (CVE)

Filtered by vendor Apple Subscribe
Filtered by product Safari
Total 1323 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-23841 6 Apple, Debian, Netapp and 3 more 15 Ipad Os, Iphone Os, Macos and 12 more 2021-06-17 4.3 MEDIUM 5.9 MEDIUM
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
CVE-2021-1799 3 Apple, Fedoraproject, Webkitgtk 8 Ipad Os, Iphone Os, Macos and 5 more 2021-06-02 4.3 MEDIUM 6.5 MEDIUM
A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. A malicious website may be able to access restricted ports on arbitrary servers.
CVE-2021-1844 2 Apple, Fedoraproject 7 Ipad Os, Iphone Os, Macos and 4 more 2021-05-31 6.8 MEDIUM 8.8 HIGH
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-1788 2 Apple, Fedoraproject 8 Ipados, Iphone Os, Mac Os X and 5 more 2021-05-31 6.8 MEDIUM 8.8 HIGH
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-3864 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2021-05-18 7.2 HIGH 7.8 HIGH
A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.
CVE-2019-8846 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2021-05-18 9.3 HIGH 8.8 HIGH
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8835 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2021-05-18 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8844 2 Apple, Redhat 10 Icloud, Ipados, Iphone Os and 7 more 2021-05-18 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8816 2 Apple, Redhat 10 Icloud, Ipados, Iphone Os and 7 more 2021-05-18 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8815 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2021-05-18 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8814 2 Apple, Redhat 9 Icloud, Ipados, Iphone Os and 6 more 2021-05-18 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8689 2 Apple, Redhat 10 Icloud, Iphone Os, Itunes and 7 more 2021-05-18 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8688 2 Apple, Redhat 10 Icloud, Iphone Os, Itunes and 7 more 2021-05-18 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8684 2 Apple, Redhat 10 Icloud, Iphone Os, Itunes and 7 more 2021-05-18 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8672 2 Apple, Redhat 10 Icloud, Iphone Os, Itunes and 7 more 2021-05-18 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8676 2 Apple, Redhat 10 Icloud, Iphone Os, Itunes and 7 more 2021-05-18 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8669 2 Apple, Redhat 10 Icloud, Iphone Os, Itunes and 7 more 2021-05-18 9.3 HIGH 8.8 HIGH
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8544 2 Apple, Redhat 9 Icloud, Iphone Os, Itunes and 6 more 2021-05-18 9.3 HIGH 8.8 HIGH
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8536 2 Apple, Redhat 9 Icloud, Iphone Os, Itunes and 6 more 2021-05-18 9.3 HIGH 8.8 HIGH
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8506 2 Apple, Redhat 9 Icloud, Iphone Os, Itunes and 6 more 2021-05-18 9.3 HIGH 8.8 HIGH
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.