Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple webcore vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-1008
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari prior to 3.1, allows remote malicious users to inject arbitrary web script or HTML via the document.domain property.
Apple Safari 0.8
Apple Safari 1.3.2
Apple Safari 2.0
Apple Safari 3.0.4
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 2.0.2
Apple Safari 2.0.4
Apple Safari 1.3
Apple Safari 1.3.1
Apple Safari 3.0.2
Apple Safari 3.0.3
Apple Safari 1.1
Apple Safari 1.2
Apple Safari 3.0
Apple Safari 3.0.1
4.3
CVSSv2
CVE-2008-1004
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari prior to 3.1, allows remote malicious users to inject arbitrary web script or HTML via unknown vectors related to the Web Inspector.
Apple Safari 1.0
Apple Safari 1.1
Apple Safari 2.0.4
Apple Safari 3.0
Apple Safari 1.2
Apple Safari 1.3
Apple Safari 3.0.1
Apple Safari 3.0.2
Apple Safari 0.8
Apple Safari 0.9
Apple Safari 2.0
Apple Safari 2.0.2
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 3.0.3
Apple Safari 3.0.4
2.1
CVSSv2
CVE-2008-1005
WebCore, as used in Apple Safari prior to 3.1, does not properly mask the password field when reverse conversion is used with the Kotoeri input method, which allows physically proximate malicious users to read the password.
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 2.0.4
Apple Safari 3.0
Apple Safari 1.1
Apple Safari 1.2
Apple Safari 1.3
Apple Safari 3.0.1
Apple Safari 3.0.2
Apple Safari 0.8
Apple Safari 2.0
Apple Safari 2.0.2
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 3.0.3
Apple Safari 3.0.4
4.3
CVSSv2
CVE-2008-1006
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari prior to 3.1, allows remote malicious users to inject arbitrary web script or HTML by using the window.open function to change the security context of a web page.
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 2.0.2
Apple Safari 2.0.4
Apple Safari 1.1
Apple Safari 1.2
Apple Safari 3.0
Apple Safari 3.0.1
Apple Safari 0.8
Apple Safari 1.3.2
Apple Safari 2.0
Apple Safari 1.3
Apple Safari 1.3.1
Apple Safari 3.0.3
Apple Safari 3.0.4
Apple Safari 3.0.2
4.3
CVSSv2
CVE-2008-1003
Cross-site scripting (XSS) vulnerability in WebCore, as used in Apple Safari prior to 3.1, allows remote malicious users to inject arbitrary web script or HTML via unknown vectors related to sites that set the document.domain property or have the same document.domain.
Apple Safari 1.0
Apple Safari 1.1
Apple Safari 2.0.4
Apple Safari 3.0
Apple Safari 1.2
Apple Safari 1.3
Apple Safari 3.0.1
Apple Safari 3.0.2
Apple Safari 0.8
Apple Safari 0.9
Apple Safari 2.0
Apple Safari 2.0.2
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 3.0.3
Apple Safari 3.0.4
5.8
CVSSv2
CVE-2010-3813
The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari prior to 5.0.3 on Mac OS X 10.5 up to and including 10.6 and Windows, and prior to 4.1.3 on Mac OS X 10.4; webkitgtk prior to 1.2.6; and possibly other products d...
Apple Safari
Apple Safari 5.0.1
Apple Safari 5.0
Apple Webkit
Apple Safari 4.1.1
Apple Safari 3.1.0b
Apple Safari 3.1.0
Apple Safari 3.0.4b
Apple Safari 3.0.1
Apple Safari 3.0.0b
Apple Safari 2.0.3
Apple Safari 1.3.2
Apple Safari 1.2.2
Apple Safari 1.2.1
Apple Safari 1.0
Apple Safari 1.0.3
Apple Safari 3.2.1
Apple Safari 3.2.0
Apple Safari 3.0.3
Apple Safari 3.0.2b
Apple Safari 3
Apple Safari 2.0.4
10
CVSSv2
CVE-2010-1760
loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before r58409 does not properly handle credentials during a cross-origin synchronous request, which has unspecified impact and remote attack vectors, aka rdar problem 7905150.
Apple Webkit
Apple Webkit R56188
Apple Webkit R56379
Apple Webkit R50173
Apple Webkit R56187
4.3
CVSSv2
CVE-2007-4695
Unspecified "input validation" vulnerability in WebCore in Apple Mac OS X 10.4 up to and including 10.4.10 allows remote malicious users to modify form field values via unknown vectors related to file uploads.
Apple Mac Os X 10.4.5
Apple Mac Os X 10.4.6
Apple Mac Os X Server 10.4.3
Apple Mac Os X Server 10.4.4
Apple Mac Os X 10.4.10
Apple Mac Os X 10.4.2
Apple Mac Os X 10.4.9
Apple Mac Os X Server 10.4.1
Apple Mac Os X Server 10.4.8
Apple Mac Os X Server 10.4.9
Apple Mac Os X 10.4.3
Apple Mac Os X 10.4.4
Apple Mac Os X Server 10.4.10
Apple Mac Os X Server 10.4.2
Apple Mac Os X 10.4.1
Apple Mac Os X 10.4.7
Apple Mac Os X 10.4.8
Apple Mac Os X Server 10.4.5
Apple Mac Os X Server 10.4.6
Apple Mac Os X Server 10.4.7
5
CVSSv2
CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari prior to 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which al...
Apple Safari 1.0
Apple Safari 1.0.3
Apple Safari 0.9
Apple Safari 0.8
Apple Safari 1.3
Apple Safari 1.2.5
Apple Safari 3.0.0b
Apple Safari 3.0.0
Apple Safari 1.0.0b2
Apple Safari 1.0.0b1
Apple Safari 2
Apple Safari 1.3.2
Apple Safari 1.2.2
Apple Safari 1.2.1
Apple Safari 2.0 Pre
Apple Safari 2.0.4 419.3
Apple Safari 2.0.3
Apple Safari 2.0.2
Apple Safari 3.0.2b
Apple Safari 3.0.2
Apple Safari 3.0.1b
Apple Safari 3.2
4.3
CVSSv2
CVE-2007-4696
Race condition in WebCore in Apple Mac OS X 10.4 up to and including 10.4.10 allows remote malicious users to obtain information for forms from other sites via unknown vectors related to "page transitions" in Safari.
Apple Mac Os X 10.4.1
Apple Mac Os X 10.4.10
Apple Mac Os X 10.4.9
Apple Mac Os X Server 10.4.1
Apple Mac Os X Server 10.4.7
Apple Mac Os X Server 10.4.8
Apple Mac Os X 10.4.4
Apple Mac Os X 10.4.5
Apple Mac Os X 10.4.6
Apple Mac Os X Server 10.4.3
Apple Mac Os X Server 10.4.4
Apple Mac Os X 10.4.2
Apple Mac Os X 10.4.3
Apple Mac Os X Server 10.4.10
Apple Mac Os X Server 10.4.2
Apple Mac Os X Server 10.4.9
Apple Mac Os X 10.4.7
Apple Mac Os X 10.4.8
Apple Mac Os X Server 10.4.5
Apple Mac Os X Server 10.4.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »