Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apple safari 1.2.4 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2005-0341
Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote malicious users to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks.
Apple Safari 1.2.4
169
VMScore
CVE-2008-3644
Apple Safari prior to 3.2 does not properly prevent caching of form data for form fields that have autocomplete disabled, which allows local users to obtain sensitive information by reading the browser's page cache.
Apple Safari
Apple Safari 1.0
Apple Safari 1.3
Apple Safari 1.3.1
Apple Safari 2.0.3 417.9.3
Apple Safari 2.0.4
Apple Safari 3.0.2
Apple Safari 3.0.3
Apple Safari 3.1.1
Apple Safari 1.1
Apple Safari 0.8
Apple Safari 1.1.1
Apple Safari 1.2.1
Apple Safari 1.3.2
Apple Safari 2
Apple Safari 2.0.4 419.3
Apple Safari 2.0 Pre
Apple Safari 3.0.4
Apple Safari 1.0.3
Apple Safari 1.2
Apple Safari 1.2.4
Apple Safari 1.2.5
383
VMScore
CVE-2008-4216
The plug-in interface in WebKit in Apple Safari prior to 3.2 does not prevent plug-ins from accessing local URLs, which allows remote malicious users to obtain sensitive information via vectors that "launch local files."
Apple Safari 1.0
Apple Safari 1.1.1
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 2.0.4
Apple Safari 2.0.4 419.3
Apple Safari 3.0.3
Apple Safari 1.1
Apple Safari
Apple Safari 0.8
Apple Safari 0.9
Apple Safari 1.2.1
Apple Safari 1.2.2
Apple Safari 2
Apple Safari 2.0
Apple Safari 2.0 Pre
Apple Safari 3
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 2.0.3
Apple Safari 2.0.3 417.9.3
Apple Safari 3.0.2
828
VMScore
CVE-2008-3623
Heap-based buffer overflow in CoreGraphics in Apple Safari prior to 3.2 on Windows, in iPhone OS 1.0 up to and including 2.2.1, and in iPhone OS for iPod touch 1.1 up to and including 2.2.1 allows remote malicious users to execute arbitrary code or cause a denial of service (appl...
Apple Safari
Apple Safari 0.8
Apple Safari 1.2
Apple Safari 1.2.1
Apple Safari 1.3.2
Apple Safari 2
Apple Safari 2.0.4 419.3
Apple Safari 2.0 Pre
Apple Safari 3.0.3
Apple Safari 0.9
Apple Safari 1.0
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 2.0
Apple Safari 2.0.1
Apple Safari 3
Apple Safari 3.0
Apple Safari 3.0.4
Apple Safari 3.0.4 Beta
Apple Safari 1.1
Apple Safari 1.1.1
Apple Safari 1.3
668
VMScore
CVE-2009-3455
Apple Safari, possibly prior to 4.0.3, on Mac OS X does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafte...
Apple Safari 4.0.2
Apple Safari 4.0.1
Apple Safari 4.0.0b
Apple Safari 4.0
Apple Safari 3.0
Apple Safari 3.0.4
Apple Safari 0.8
Apple Safari 1.3.1
Apple Safari 1.3.2
Apple Safari 1.3
Apple Safari 2.0.2
Apple Safari 3.2.1
Apple Safari 3.1
Apple Safari 3.1.2
Apple Safari 1.1
Apple Safari 1.2
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 3.0.0
Apple Safari 3.0.1
Apple Safari 3.0.3
Apple Safari
435
VMScore
CVE-2009-0162
Cross-site scripting (XSS) vulnerability in Safari prior to 3.2.3, and 4 Public Beta, on Apple Mac OS X 10.5 prior to 10.5.7 and Windows allows remote malicious users to inject arbitrary web script or HTML via a crafted feed: URL.
Apple Safari 1.0
Apple Safari 1.0.0b1
Apple Safari 1.2
Apple Safari 1.0.3
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 2
Apple Safari 2.0.3
Apple Safari 3.0
Apple Safari 3.0.0
Apple Safari 3.1.1
Apple Safari 3.1.2
Apple Safari 1.0.1
Apple Safari 1.0.0b2
Apple Safari 1.2.2
Apple Safari 1.2.3
Apple Safari 2.0.1
Apple Safari 2.0.2
Apple Safari 2.0.4
Apple Safari 3
Apple Safari 3.1.0
Apple Safari 3.1
1 EDB exploit
828
VMScore
CVE-2009-0945
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari prior to 3.2.3 and 4 Public Beta, iPhone OS 1.0 up to and including 2.2.1, iPhone OS for iPod touch 1.1 up to and including 2.2.1, Google Chrome Stable prior to 1.0.154.65, and possibly other prod...
Apple Safari 0.9
Apple Safari 1.0.2
Apple Safari 1.1.0
Apple Safari 1.1
Apple Safari 0.8
Apple Safari 1.0.3
Apple Safari 1.0.0
Apple Safari 1.2.0
Apple Safari 1.1.1
Apple Safari 1.3.0
Apple Safari 1.3.2
Apple Safari 1.3
Apple Safari 2.0.3
Apple Safari 3.0.1
Apple Safari 3.0.2
Apple Safari 3.2
Apple Safari 3.2.0
Apple Safari 1.0
Apple Safari 1.0.0b1
Apple Safari 1.2
Apple Safari 1.2.4
Apple Safari 1.2.5
940
VMScore
CVE-2010-1807
WebKit in Apple Safari 4.x prior to 4.1.2 and 5.x prior to 5.0.2; Android prior to 2.2; and webkitgtk prior to 1.2.6; does not properly validate floating-point data, which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via...
Apple Safari 4.0.5
Apple Safari 4.1
Apple Safari 4.0.0b
Apple Safari 4.1.1
Apple Safari 4.0
Apple Safari 4.0.3
Apple Safari 4.0.4
Apple Safari 4.0.1
Apple Safari 4.0.2
Apple Safari 5.0.1
Apple Safari 5.0
Google Android
Google Android 1.6
Google Android 1.5
Google Android 2.0
Google Android 1.1
Google Android 1.0
Webkitgtk Webkitgtk 1.2.0
Webkitgtk Webkitgtk 1.2.2
Webkitgtk Webkitgtk 1.2.1
Webkitgtk Webkitgtk 1.2.4
Webkitgtk Webkitgtk 1.2.3
2 EDB exploits
828
VMScore
CVE-2011-0216
Off-by-one error in libxml in Apple Safari prior to 5.0.6 allows remote malicious users to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.
Apple Safari 2.0.1
Apple Safari 1.2.2
Apple Safari 2.0.2
Apple Safari 1.0
Apple Safari 1.0.3
Apple Safari 1.0.2
Apple Safari 1.0.0
Apple Safari 2.0.3
Apple Safari 2.0.4
Apple Safari 2.0
Apple Safari 1.1
Apple Safari 3.2.1
Apple Safari 3.1.0
Apple Safari 3.0.4b
Apple Safari 1.2.0
Apple Safari 1.2.1
Apple Safari 1.2.5
Apple Safari 1.3
Apple Safari 3.0
Apple Safari 3.0.3
Apple Safari 5.0
Apple Safari 1.3.2
383
VMScore
CVE-2011-0217
Apple Safari prior to 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote malicious users to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields.
Apple Safari 1.3.1
Apple Safari 1.2.2
Apple Safari 1.3.2
Apple Safari 1.1.1
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 5.0.1
Apple Safari 2.0.4
Apple Safari 3.0.3b
Apple Safari 2
Apple Safari 3.1.1
Apple Safari 3.0.1b
Apple Safari 3.1.0b
Apple Safari 3.1.0
Apple Safari 3.1.2
Apple Safari 5.0.4
Apple Safari 2.0.1
Apple Safari 2.0.3
Apple Safari 1.3.0
Apple Safari 1.0.3
Apple Safari 1.0.2
Apple Safari 1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »