Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple webkit vulnerabilities and exploits
(subscribe to this query)
0.009
EPSS
CVE-2010-1760
loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before r58409 does not properly handle credentials during a cross-origin synchronous request, which has unspecified impact and remote attack vectors, aka rdar problem 7905150.
Apple Webkit
Apple Webkit R50173
Apple Webkit R56187
Apple Webkit R56188
Apple Webkit R56379
0.009
EPSS
CVE-2010-1386
page/Geolocation.cpp in WebCore in WebKit before r56188 and prior to 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357.
Apple Webkit
Apple Webkit R50173
0.004
EPSS
CVE-2016-4590
WebKit in Apple iOS prior to 9.3.3 and Safari prior to 9.1.2 mishandles about: URLs, which allows remote malicious users to bypass the Same Origin Policy via a crafted web site.
Apple Safari
Apple Webkit
0.005
EPSS
CVE-2010-1729
WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote malicious users to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.
Apple Safari
Apple Webkit
0.030
EPSS
CVE-2016-4585
Cross-site scripting (XSS) vulnerability in the WebKit Page Loading implementation in Apple iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2 allows remote malicious users to inject arbitrary web script or HTML via an HTTP response specifying redirection that is ...
Apple Webkit
0.017
EPSS
CVE-2016-4587
WebKit in Apple iOS prior to 9.3.3 and tvOS prior to 9.2.2 allows remote malicious users to obtain sensitive information from uninitialized process memory via a crafted web site.
Apple Webkit
0.006
EPSS
CVE-2016-4588
WebKit in Apple tvOS prior to 9.2.2 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
Apple Webkit
0.010
EPSS
CVE-2016-4589
WebKit in Apple iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE...
Apple Webkit
0.035
EPSS
CVE-2016-4591
WebKit in Apple iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2 mishandles the location variable, which allows remote malicious users to access the local filesystem via unspecified vectors.
Apple Webkit
0.008
EPSS
CVE-2010-2441
WebKit does not properly restrict focus changes, which allows remote malicious users to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and CVE-2010-2295.
Apple Webkit
Preferred Score:
EPSS
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-13837
openanolis
shopwarden
mobatek
CVE-2024-13582
CVE-2025-25223
CVE-2025-24200
client side
CVE-2024-40591
CVE-2024-13627
type confusion
CSRF
softdiscover
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »