[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:17294
The host is installed with Apple Safari before 4.0.3 and is prone to an incomplete blacklist vulnerability. A flaw is present in the application, which fails to properly properly handle unspecified homoglyphs. Successful exploitation could allow attackers to spoof domain names in URLs.

oval:org.secpod.oval:def:17299
The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle textnodes. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:17298
The host is installed with Apple Safari before 5.0.5 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle textnodes. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:17293
The host is installed with Apple Safari before 4.0.3 and is prone to an incomplete blacklist vulnerability. A flaw is present in the application, which fails to properly properly handle unspecified homoglyphs. Successful exploitation could allow attackers to spoof domain names in URLs.

oval:org.mitre.oval:def:11802
Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a JavaScript array index.

oval:org.mitre.oval:def:11923
Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a (1) font-fa ...

oval:org.mitre.oval:def:7180
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Cascading Style Sheets (CSS) run-in property and multiple invocations ...

oval:org.mitre.oval:def:7051
PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference to block cookies, which makes it easier for remote web servers to track users by setting a cookie in a (1) RSS or (2) Atom feed.

oval:org.mitre.oval:def:7053
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments.

oval:org.mitre.oval:def:7295
WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to bypass intended restrictions on outbound connections to "non-default TCP ports" via a crafted port number, related to an "integer truncation issue." NOTE: this may overlap CVE-2010-1099.

oval:org.mitre.oval:def:7288
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the contentEditable attribute and removing container elements.

oval:org.mitre.oval:def:7041
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the removeChild DOM method.

oval:org.mitre.oval:def:7037
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database ...

oval:org.mitre.oval:def:7157
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML document subtrees.

oval:org.mitre.oval:def:7150
WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via an SVG document with nested use elements.

oval:org.mitre.oval:def:7031
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving caption elements.

oval:org.mitre.oval:def:7143
Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management.

oval:org.mitre.oval:def:7024
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 and Apple iTunes before 9.2 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to HTML but ...

oval:org.mitre.oval:def:5915
Apple Safari before 4.0.4 does not properly implement certain (1) Open Image and (2) Open Link menu options, which allows remote attackers to read local HTML files via a crafted web site.

oval:org.mitre.oval:def:7099
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary c ...

oval:org.mitre.oval:def:7082
Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors involv ...

oval:org.mitre.oval:def:7197
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive inf ...

oval:org.mitre.oval:def:7199
Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.

oval:org.mitre.oval:def:7071
Double free vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to an event listener in an SVG document, related to duplicate event listeners, ...

oval:org.mitre.oval:def:6912
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to a layout change during selection rendering and the DOCUMENT_POSITION_DISC ...

oval:org.mitre.oval:def:6915
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements.

oval:org.mitre.oval:def:6901
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.

oval:org.mitre.oval:def:12148
The host is installed with Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier or Apple iTunes before 10.2 and is prone to memory corruption vulnerability. The flaw is present in the ibxml2 before 2.7.8, which reads from invalid memory locations during processing of malformed XPath expre ...

oval:org.mitre.oval:def:6836
Incomplete blacklist vulnerability in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to trigger disclosure of data over IRC via vectors involving an IRC service port.

oval:org.mitre.oval:def:6709
WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, accesses uninitialized memory during a selection change on a form input element, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.

oval:org.secpod.oval:def:14268
The host is installed with Apple Safari before 4.0.4 is prone to buffer overflow vulnerability. The flaw is present in the application which fails to properly handle a crafted ColorSync profile embedded in an image. Successful exploitation allows attacker to cause a denial of service.

oval:org.mitre.oval:def:6810
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.

oval:org.mitre.oval:def:6812
Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not provide a warning about a (1) http or (2) https URL that contains a username and password, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL.

oval:org.mitre.oval:def:6882
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML object element fallback content."

oval:org.mitre.oval:def:6885
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted BMP image.

oval:org.mitre.oval:def:6649
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) paste or (2) drag-and-drop operation for ...

oval:org.mitre.oval:def:6888
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes 9.2 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to improper UTF-7 canonicalization, and lac ...

oval:org.mitre.oval:def:6871
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows allows remote attackers to inject arbitrary web script or HTML via a FRAME element with a SRC attribute composed of a javascript: sequence preceded by spaces.

oval:org.mitre.oval:def:6516
The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to con ...

oval:org.mitre.oval:def:6876
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via HTML content that contains multiple :after pseudo-selecto ...

oval:org.mitre.oval:def:11112
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for input fields.

oval:org.mitre.oval:def:6981
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 or Apple iTunes on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving the :first-letter pseudo-element.

oval:org.mitre.oval:def:6741
Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow.

oval:org.mitre.oval:def:6862
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving fonts.

oval:org.mitre.oval:def:5777
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to exec ...

oval:org.mitre.oval:def:6739
The execCommand JavaScript function in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, does not properly restrict remote execution of clipboard commands, which allows remote attackers to modify the clipboard via a crafted HTML document.

oval:org.mitre.oval:def:6208
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects.

oval:org.secpod.oval:def:751
The host is installed with Google Chrome before 4.0.249.78 or Apple Safari before 4.0.5 and is prone to information disclosure vulnerability. A flaw is present in the applications which fails to restrict cross-origin loading of CSS stylesheets when the stylesheet download has an incorrect MIME type ...

oval:org.secpod.oval:def:632
The host is installed with Google Chrome before 10.0.648.204 and is prone to denial of service vulnerability. A flaw is present in the application which does not properly handle parentage. Successful exploitation allow remote attackers to cause a denial of service or possibly have unspecified other ...

oval:org.mitre.oval:def:11777
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle just-in-time (JIT) compiled JavaScript stubs, which allows remote attackers to execute arbitrary code or cause a denial of service (a ...

oval:org.mitre.oval:def:11898
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression.

oval:org.mitre.oval:def:6656
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors related to a malformed URL.

oval:org.mitre.oval:def:7335
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving DOM Range objects.

oval:org.mitre.oval:def:6362
Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing in a reply.

oval:org.mitre.oval:def:11524
Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a JavaScript string object.

oval:org.mitre.oval:def:11766
The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servic ...

oval:org.mitre.oval:def:11639
Cross-site scripting (XSS) vulnerability in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via an RSS feed.

oval:org.mitre.oval:def:11877
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a floating element in an SVG docu ...

oval:org.mitre.oval:def:7323
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property.

oval:org.mitre.oval:def:7314
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving a certain window close action that occurs during a drag-and- ...

oval:org.mitre.oval:def:11729
Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via run-in styling in an element, related to object pointers.

oval:org.mitre.oval:def:7374
WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 does not properly handle libxml contexts, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to an "API abuse issue."

oval:org.mitre.oval:def:7252
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML element that has custom vertical positioning.

oval:org.mitre.oval:def:7255
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, sends NTLM credentials in cleartext in unspecified circumstances, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors.

oval:org.mitre.oval:def:11962
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a use element in an SVG document.

oval:org.mitre.oval:def:11964
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related ...

oval:org.mitre.oval:def:11837
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a foreignObject element ...

oval:org.mitre.oval:def:11956
Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari.

oval:org.secpod.oval:def:2674
The host is missing a security update according to APPLE-SA-2011-04-14-3. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application which fail to properly handle CSS style and certain text nodes. Successful exploitation allows remote attackers ...

oval:org.secpod.oval:def:815
The host is installed with Apple Safari and is prone to multiple vulnerabilities. The flaws are present the application that are caused by input validation and implementation errors in WebKit. Successful exploitation allows attackers to bypass certain security checks, gain knowledge of sensitive inf ...

oval:org.mitre.oval:def:7005
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the Node.normalize method.

oval:org.mitre.oval:def:11820
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory cor ...

oval:org.mitre.oval:def:11941
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; accesses uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements in an SVG text element, which allows remote attac ...

oval:org.mitre.oval:def:10964
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to elem ...

oval:org.mitre.oval:def:11935
WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to the rendering ...

oval:org.mitre.oval:def:7347
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, follows multiple redirections during form submission, which allows remote web servers to obtain sensitive information by recording the form data.

oval:org.mitre.oval:def:7346
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL.

oval:org.secpod.oval:def:40348
The host is missing a security update according to Apple advisory, APPLE-SA-2011-07-20-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote web servers to execute arbitrary code ...

oval:org.secpod.oval:def:1801183
CVE-2018-4246 Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling. Versions affected: WebKitGTK+ before 2.20.4 CVE-2018-4261 Processing maliciously crafted web content may lead to arbitrary code execution ...

oval:org.secpod.oval:def:44802
The host is missing a security update according to Apple advisory, APPLE-SA-2018-3-29-8. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sensi ...

oval:org.secpod.oval:def:704334
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:2000193
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.

oval:org.secpod.oval:def:14273
The host is installed with Apple Safari before 4.0.4 is prone to information disclosure vulnerability. The flaw is present in the application which fails to properly handle Open Image and Open Link menu options via a crafted web site. Successful exploitation allows attacker to execute arbitrary code ...

oval:org.secpod.oval:def:14271
The host is installed with Apple Safari before 4.0.4 is prone to cross-site request forgery vulnerability. The flaw is present in the application which fails to properly handle certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight. Successful exploitation a ...

oval:org.secpod.oval:def:14272
The host is installed with Apple Safari before 4.0.4 is prone to information disclosure vulnerability. The flaw is present in the application which fails to properly handle HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480. Successful exploitatio ...

oval:org.secpod.oval:def:15502
The host is installed with Apple Safari before 5.1.10 and is prone to remote code execution vulnerability. The flaw is present in the JavaScriptCore's JSArray::sort() method, which fails in proper bound checking. Successful exploitation could allow attackers to cause an unexpected application termin ...

oval:org.secpod.oval:def:15501
The host is missing an important security update according to Apple advisory, APPLE-SA-2013-09-12-2. The update is required to fix multiple vulnerabilities. The flaws are present in the JavaScriptCore's JSArray::sort() method, which fails in proper bound checking. Successful exploitation could allow ...

oval:org.secpod.oval:def:2981
The host is installed with Apple Safari before 5.1.1 and is prone to a security bypass vulnerability. A flaw is present in the application, a logic error when handling cookies while in Private Browsing mode. Successful exploitation could allow attackers to set cookies although the "Block cookies" op ...

oval:org.secpod.oval:def:2980
The host is installed with Apple Safari before 5.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle uninitialized memory during the processing of X.509 certificates. Successful exploitation could allow to execute arbitr ...

oval:org.secpod.oval:def:2982
The host is installed with Apple Safari before 5.1.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle vectors involving inactive DOM windows. Successful exploitation could allow to execute arbitrary JavaScript code.

oval:org.secpod.oval:def:2985
The host is installed with Google Chrome before 10.0.648.204 or Apple Safari less than or equal to 5.0.5 and is prone to a denial of service vulnerability. A flaw is present in the applications, which do not properly handle parentage. Successful exploitation allow remote attackers to cause a denial ...

oval:org.secpod.oval:def:2987
The host is installed with Apple Safari before 5.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to enforce an intended policy for file: URLs. Successful exploitation could allow to execute arbitrary code.

oval:org.secpod.oval:def:2989
The host is missing a security update according to APPLE-SA-2011-07-20-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize crafted input. Successful exploitation could allow attackers to affect confidentiality, integrity, and a ...

oval:org.secpod.oval:def:2979
The host is installed with Apple Safari before 5.1.1 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle a crafted safari extension. Successful exploitation could allow to execute arbitrary JavaScript code.

oval:org.secpod.oval:def:2673
The host is missing a security update according to APPLE-SA-2011-04-14-3. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application which fail to properly handle CSS style and certain text nodes. Successful exploitation allows remote attackers ...

oval:org.secpod.oval:def:2672
The host is installed with Apple Safari before 5.0.5 and is prone to use-after-free vulnerability. A flaw is present in the application which fails to properly handle certain text nodes. Successful exploitation allows remote attackers to execute arbitrary code.

oval:org.secpod.oval:def:3394
The host is installed with Apple Safari before 5.1.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle vectors involving inactive DOM windows. Successful exploitation could allow to execute arbitrary JavaScript code.

oval:org.secpod.oval:def:3395
The host is installed with Apple Safari before 5.1.1 and is prone to a security bypass vulnerability. A flaw is present in the application, a logic error when handling cookies while in Private Browsing mode. Successful exploitation could allow attackers to set cookies although the "Block cookies" op ...

oval:org.secpod.oval:def:3495
The host is installed with Apple Safari before 4.0.5 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to the run-in Cascading Style Sheets (CSS) display property. Successful exploitation could allow attackers to crash the ser ...

oval:org.secpod.oval:def:3496
The host is installed with Apple Safari and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors involving HTML IMG elements. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:3493
The host is installed with Apple Safari before 4.0.5 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted HTML document. Successful exploitation could allow attackers to disclose sensitive information.

oval:org.secpod.oval:def:3494
The host is installed with Apple Safari before 4.0.5 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to callbacks for HTML elements. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:3491
The host is installed with Apple Safari before 4.0.5 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle HTML elements with right-to-left (RTL) text directionality. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:3488
The host is installed with Apple Safari before 4.0.5 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted format arguments. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:3489
The host is installed with Apple Safari before 4.0.5 and is prone to a use after free vulnerability. A flaw is present in the application, vectors related to HTML object element fallback content. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:3487
The host is installed with Apple Safari before 4.0.5 and is prone to a information disclosure vulnerability. A flaw is present in the application, which fails to properly implement use of the Accept Cookies preference to block cookies. Successful exploitation could allow remote web servers to track ...

oval:org.secpod.oval:def:3693
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle vectors related to the rendering of an inline element. Successful exploitation could allow attackers to execute arbitr ...

oval:org.secpod.oval:def:3694
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted HTML document.. Successful exploitation could allow attackers to execute arbitrary code or crash the service ...

oval:org.secpod.oval:def:3691
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle JavaScript code that forces keystroke events for input fields. Successful exploitation could allow attackers to ...

oval:org.secpod.oval:def:3692
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors related to element focus. Successful exploitation could allow attackers to execute arbitrary code or crash the s ...

oval:org.secpod.oval:def:3697
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a floating element in an SVG document. Successful exploitation could allow attackers to execute arbitrary code or crash the ser ...

oval:org.secpod.oval:def:3698
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a JavaScript string object. Successful exploitation could allow attackers to execute arbitrary code or crash the servi ...

oval:org.secpod.oval:def:3695
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to prevent access of uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements in an SVG text e ...

oval:org.secpod.oval:def:3696
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a floating element in an SVG document. Successful exploitation could allow attackers to execute arbitrary code or crash the ser ...

oval:org.secpod.oval:def:3699
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle just-in-time (JIT) compiled JavaScript stubs. Successful exploitation could allow attackers to execute arbitrary code or crash ...

oval:org.secpod.oval:def:3690
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle a RSS feed. Successful exploitation could allow attackers to inject arbitrary web script or HTML.

oval:org.secpod.oval:def:3345
The host is installed with Apple Safari before 4.0.5 or Apple iTunes before 9.1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to ensure that memory access is associated with initialized memory. Successful exploitation could allow attackers to cr ...

oval:org.secpod.oval:def:3343
The host is installed with Apple Safari before 4.0.5 or Apple iTunes before 9.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to ensure that memory access is associated with initialized memory. Successful exploitation could allow attackers ...

oval:org.secpod.oval:def:3344
The host is installed with Apple Safari before 4.0.5 or Apple iTunes before 9.1 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to ensure that memory access is associated with initialized memory. Successful exploitation could allow attackers ...

oval:org.secpod.oval:def:3349
The host is installed with Apple Safari before 5.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to enforce an intended policy for file: URLs. Successful exploitation could allow to execute arbitrary code.

oval:org.secpod.oval:def:3348
The host is installed with Apple Safari before 5.1.1 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to handle a crafted safari extension. Successful exploitation could allow to execute arbitrary JavaScript code.

oval:org.secpod.oval:def:3811
The host is missing a security update according to Apple advisory, APPLE-SA-2010-11-18-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to execute a ...

oval:org.secpod.oval:def:3809
The host is installed with Apple Safari before 5.0.3 or 4.1.3 and is prone to a use after free vulnerability. A flaw is present in the application, which fails to properly handle a non-SVG document. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:3701
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle vectors a crafted regular expression. Successful exploitation could allow attackers to execute arbitrary code or crash the serv ...

oval:org.secpod.oval:def:3702
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to multiple use-after-free vulnerabilities. The flaws are present in the application, which fails to handle a (1) font-face or (2) use element in an SVG document.. Successful exploitation could allow attackers to execute arbi ...

oval:org.secpod.oval:def:3700
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to an integer signedness vulnerability. A flaw is present in the application, which fails to handle vectors involving a JavaScript array index. Successful exploitation could allow attackers to execute arbitrary code or crash ...

oval:org.secpod.oval:def:3705
The host is installed with Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle run-in styling in an element. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:3706
The host is missing an important security update according to Apple advisory, APPLE-SA-2010-09-07-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fail to sanitize user supplied input. Successful exploitation could allow attackers to execute ...

oval:org.secpod.oval:def:3703
The host is installed with Apple Safari before 5.0.1 or 4.1.1 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle crafted input. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:3704
The host is installed with Apple Safari before 5.0.2 or 4.1.2 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly validate floating-point data. Successful exploitation could allow attackers to execute arbitrary code or crash the servic ...

oval:org.mitre.oval:def:7403
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements."

oval:org.mitre.oval:def:7561
ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted TIFF image.

oval:org.mitre.oval:def:7554
WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of stylesheets, which allows remote attackers to obtain sensitive information via a crafted HTML document. NOTE: this might overlap CVE-2010-0651.

oval:org.secpod.oval:def:3783
The host is missing a security update according to Apple advisory, APPLE-SA-2010-11-18-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to execute a ...

oval:org.secpod.oval:def:3976
The host is missing an important security update according to Apple advisory, APPLE-SA-2011-10-12-4. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow to execute arbitrar ...

oval:org.secpod.oval:def:3977
The host is missing an important security update according to Apple advisory, APPLE-SA-2011-10-12-4. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow to execute arbitrar ...

oval:org.secpod.oval:def:45936
The host is installed with Apple Safari before 11.1.1 and is prone to an address bar spoofing vulnerability. A flaw is present in the applications, which fails to properly handle inconsistent user interface issues. Successful exploitation may lead to address bar spoofing.

oval:org.secpod.oval:def:45944
The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to cause arbitra ...

oval:org.secpod.oval:def:4342
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle a SRC attribute composed of a javascript: sequence preceded by spaces. Successful exploitation could allow remote attac ...

oval:org.secpod.oval:def:4343
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle a certain window close action that occurs during a drag-and-drop operation. Successful exploitation could allow remote attack ...

oval:org.secpod.oval:def:4340
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle libxml contexts. Successful exploitation could allow remote attackers to execute arbitrary code or crash the servi ...

oval:org.secpod.oval:def:4341
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a cross site image capture issue. A flaw is present in the application, which fails to properly restrict the reading of a canvas that contains an SVG image pattern from a different web site. Successful exploitation could allow ...

oval:org.secpod.oval:def:4346
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors related to the Cascading Style Sheets (CSS) run-in property and multiple invocations of a destructor for a child elem ...

oval:org.secpod.oval:def:4347
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors related to the Node.normalize method. Successful exploitation could allow remote attackers to execute arbitrary code ...

oval:org.secpod.oval:def:4344
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly restrict remote execution of clipboard commands. Successful exploitation could allow remote attackers to modify the clipboard ...

oval:org.secpod.oval:def:4345
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a webkit keyboard focus vulnerability. A flaw is present in the application, which fails to properly handle changes to keyboard focus that occur during processing of key press events. Successful exploitation could allow remote ...

oval:org.secpod.oval:def:4348
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors involving HTML document subtrees. Successful exploitation could allow remote attackers to execute arbitrary code or c ...

oval:org.secpod.oval:def:4349
The host is installed with Apple Safari before 4.1 or 5.0 or Google Chrome before 5.0.375.70 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted HTML document containing a BR element. Successful exploitation could allow re ...

oval:org.secpod.oval:def:4474
The host is installed with Apple Safari before 5.0.6 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to improper list management for Cascading Style Sheets (CSS). Successful exploitation could allow attackers to crash the se ...

oval:org.secpod.oval:def:4475
The host is installed with Apple Safari before 5.0.6 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to improper list management for Cascading Style Sheets (CSS). Successful exploitation could allow attackers to crash the se ...

oval:org.secpod.oval:def:4351
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle a crafted HTML document. Successful exploitation could allow remote attackers to execute arbitrary code or crash the service ...

oval:org.secpod.oval:def:4352
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle HTML content that contains multiple :after pseudo-selectors. Successful exploitation could allow remote attackers to corru ...

oval:org.secpod.oval:def:4350
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors involving fonts. Successful exploitation could allow remote attackers to execute arbitrary code or crash the service ...

oval:org.secpod.oval:def:4321
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle vectors related to a malformed URL. Successful exploitation could allow attackers to inject arbitrary code.

oval:org.secpod.oval:def:4324
The host is installed with Apple Safari 4.0 before 4.1 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to HTML buttons and the first-letter CSS style. Successful exploitation could allow attackers to inject arbitrary code o ...

oval:org.secpod.oval:def:4325
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a HREF attribute associated with a redirecting URL. Successful exploitation could allow attackers to discover sensitive URLs.

oval:org.secpod.oval:def:4322
The host is installed with Apple Safari 4.0 before 4.1 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to attribute manipulation. Successful exploitation could allow attackers to inject arbitrary code or crash the service.

oval:org.secpod.oval:def:4323
The host is installed with Apple Safari 4.0 before 4.1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle UTF-7 encoded text. Successful exploitation could allow attackers to inject arbitrary code or crash the service.

oval:org.secpod.oval:def:4328
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly perform ordered list insertions. Successful exploitation could allow attackers to execute arbitrary code or crash the ser ...

oval:org.secpod.oval:def:4329
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly perform ordered list insertions. Successful exploitation could allow attackers to execute arbitrary code or crash the ser ...

oval:org.secpod.oval:def:4326
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle vectors involving DOM constructor objects. Successful exploitation could allow attackers to inject arbitrary web script or HTML.

oval:org.secpod.oval:def:4327
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to a layout change during selection rendering and the DOCUMENT_POSITION_DISCONNECTED attribute in a container of an un ...

oval:org.secpod.oval:def:4331
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly perform ordered list insertions. Successful exploitation could allow attackers to execute arbitrary code or crash the ser ...

oval:org.secpod.oval:def:4332
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle vectors related to an event listener in an SVG document. Successful exploitation could allow attackers to execute arbitrary code ...

oval:org.secpod.oval:def:4330
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle vectors involving caption elements. Successful exploitation could allow attackers to execute arbitrary code or crash the ser ...

oval:org.secpod.oval:def:4335
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle a HTML element that has custom vertical positioning. Successful exploitation could allow attackers to execute arbitrary code ...

oval:org.secpod.oval:def:4336
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted port number. Successful exploitation could allow attackers to bypass security restrictions.

oval:org.secpod.oval:def:4333
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a crafted document containing XML that triggers a parsing error. Successful exploitation could allow attackers to exec ...

oval:org.secpod.oval:def:4334
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to properly handle SVG document that contains recursive Use elements. Successful exploitation could allow attackers to execute arbitrary code or ...

oval:org.secpod.oval:def:4339
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a use after free vulnerability. A flaw is present in the application, which fails to properly handle vectors related to hover events. Successful exploitation could allow remote attackers to execute arbitrary code or crash the ...

oval:org.secpod.oval:def:4337
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an incomplete blacklist vulnerability. A flaw is present in the application, which fails to properly handle vectors involving an IRC service port. Successful exploitation could allow remote attackers to trigger disclosure of d ...

oval:org.secpod.oval:def:4338
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a SVG document with nested use element. Successful exploitation could allow remote attackers to execute arbitrary code or ...

oval:org.secpod.oval:def:2001499
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ...

oval:org.secpod.oval:def:42607
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:42606
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:42605
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:42611
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:42610
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:42615
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:42614
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:42613
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:42612
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:42616
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:4265
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle vectors involving a (1) paste or (2) drag-and-drop operation for a selection. Successful exploitation allows user-assisted remot ...

oval:org.secpod.oval:def:4266
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle vectors related to improper UTF-7 canonicalization, and lack of termination of a quoted string in an HTML document.

oval:org.secpod.oval:def:4263
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to improper window management. Successful exploitation could allow attackers to execute arbitrary code or crash the se ...

oval:org.secpod.oval:def:4264
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle vectors related to a crafted HTML document. Successful exploitation could allow attackers to read arbitrary files.

oval:org.secpod.oval:def:4269
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to the contentEditable attribute and removing container elements. Successful exploitation could allow attackers to ex ...

oval:org.secpod.oval:def:4267
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle a crafted URL. Successful exploitation could allow attackers to create arbitrary database files.

oval:org.secpod.oval:def:4268
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle vectors involving HTML document fragments. Successful exploitation could allow attackers to inject arbitrary web script or HMTL.

oval:org.secpod.oval:def:4261
The host is installed with Apple Safari before 5.0 and is prone to an URL obfuscation vulnerability. A flaw is present in the application, which fails to handle a crafted URL. Successful exploitation could allow attackers to conduct phishing attacks.

oval:org.secpod.oval:def:2000468
An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" componen ...

oval:org.secpod.oval:def:4262
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a PDF handling vulnerability. A flaw is present in the application, which fails to handle a crafted PDF document. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:4276
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle multiple redirections during form submission. Successful exploitation could allow attackers to disclose sensitive information ...

oval:org.secpod.oval:def:4277
The host is missing a security update according to Apple advisory, APPLE-SA-2010-06-07-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle malicious data. Successful exploitation could allow attackers to disclose sensitive inform ...

oval:org.secpod.oval:def:4274
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to the removeChild DOM method. Successful exploitation could allow attackers to execute arbitrary code or crash the se ...

oval:org.secpod.oval:def:4275
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle vectors involving HTML in a TEXTAREA element. Successful exploitation could allow attackers to inject arbitrary web script or HT ...

oval:org.secpod.oval:def:4272
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which sends NTLM credentials in plain text. Successful exploitation could allow a man in the middle attacker to view the NTLM credentials.

oval:org.secpod.oval:def:4273
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to a use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to the removeChild DOM method. Successful exploitation could allow attackers to execute arbitrary code or crash the se ...

oval:org.secpod.oval:def:4270
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to handle vectors related to the Cascading Style Sheets (CSS) run-in property and multiple invocations of a destructor for a child element that ...

oval:org.secpod.oval:def:4271
The host is installed with Apple Safari before 4.1 or 5.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which passes the Referer header when an HTTPS site redirects to an HTTP site. Successful exploitation could allow attackers to obtain sensitive inf ...

oval:org.mitre.oval:def:7606
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to hover events.

oval:org.mitre.oval:def:7401
WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, does not properly restrict the reading of a canvas that contains an SVG image pattern from a different web site, which allows remote attackers to read images from other sites via a crafted canvas, related to a "cross-site image captu ...

oval:org.mitre.oval:def:7519
WebKit in Apple Safari before 5.0 or iTunes on Windows, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document containing XML that triggers ...

oval:org.mitre.oval:def:7503
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a TEXTAREA element.

oval:org.secpod.oval:def:45307
The host is installed with Apple Safari before 11.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle a memory corruption issue. Successful exploitation may lead to arbitrary code execution.

oval:org.secpod.oval:def:45305
The host is missing a security update according to Apple advisory, APPLE-SA-2018-04-24-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sens ...

oval:org.mitre.oval:def:7556
WebKit in Apple Safari before 5.0 or iTunes before 9.2 on Windows, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion o ...

oval:org.mitre.oval:def:7552
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML document fragments.

oval:org.secpod.oval:def:4757
The host is installed with Apple Safari before 5.1.4 and is prone to URL spoofing vulnerability. A flaw is present in the application, which fails to properly restrict the characters in URLs. Successful exploitation allows remote attackers to spoof a domain name via unspecified homoglyphs.

oval:org.secpod.oval:def:4758
The host is installed with Apple Safari before 5.1.4 and is prone to cookie setting vulnerability. A flaw is present in the application, which fails to properly block cookies from third parties and advertisers. Successful exploitation allows remote web servers to track users via a cookie.

oval:org.secpod.oval:def:4756
The host is missing a security update according to APPLE-SA-2012-03-12-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle malicious contents. Successful exploitation allows remote attackers to execute remote code or gai ...

oval:org.secpod.oval:def:4759
The host is installed with Apple Safari before 5.1.4 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle redirects in conjunction with HTTP authentication. Successful exploitation allows remote web servers to capture credentials ...

oval:org.mitre.oval:def:7497
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG document that contains recursive Use elements, which are not properly handled during ...

oval:org.secpod.oval:def:4820
The host is missing a security update according to APPLE-SA-2012-03-12-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle malicious contents. Successful exploitation allows remote attackers to execute remote code or gai ...

oval:org.secpod.oval:def:4821
The host is installed with Apple Safari before 5.1.4 and is prone to cookie setting vulnerability. A flaw is present in the application, which fails to properly block cookies from third parties and advertisers. Successful exploitation allows remote web servers to track users via a cookie.

oval:org.secpod.oval:def:4822
The host is installed with Apple Safari before 5.1.4 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle redirects in conjunction with HTTP authentication. Successful exploitation allows remote web servers to capture credentials ...

oval:org.mitre.oval:def:7476
WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, accesses out-of-bounds memory during processing of HTML tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document.

oval:org.secpod.oval:def:45884
The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:45885
The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.mitre.oval:def:7591
WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, does not properly handle changes to keyboard focus that occur during processing of key press events, which allows remote attackers to force arbitrary key presses via a crafted HTML document.

oval:org.mitre.oval:def:7464
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 or Apple iTunes before 9.2 on Windows, allows remote attackers to inject arbitrary web script or HTML via vectors involving DOM constructor objects, related to a "scope management issue."

oval:org.secpod.oval:def:45895
The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ...

oval:org.secpod.oval:def:45896
The host is missing a security update according to Apple advisory, APPLE-SA-2018-06-01-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ...

oval:org.secpod.oval:def:6543
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6542
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6541
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6540
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6547
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6546
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6545
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6544
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6549
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6548
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6554
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6553
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6552
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6551
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6558
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6557
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6556
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6555
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6559
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6550
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:5671
The host is missing an important security update according to Apple advisory, APPLE-SA-2012-05-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle malicious data. Successful exploitation could allow attackers bypass s ...

oval:org.secpod.oval:def:6529
The host is installed with Apple Safari before 6.0 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to properly handle the autocomplete attribute of a password input element. Successful exploitation could allow attackers to bypass authentication by lev ...

oval:org.secpod.oval:def:6528
The host is installed with Apple Safari before 6.0 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to handle a crafted feed URL. Successful exploitation could allow attackers to disclose sensitive information.

oval:org.secpod.oval:def:6527
The host is installed with Apple Safari before 6.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle a crafted feed URL. Successful exploitation could allow attackers to inject arbitrary web script.

oval:org.secpod.oval:def:5670
The host is installed with Apple Safari before 5.1.7 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly track state information during the processing of form input. Successful exploitation could allow attackers to fill in form fields on the ...

oval:org.secpod.oval:def:6532
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6531
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6530
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6536
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6535
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6534
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6533
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6539
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6538
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6537
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:5667
The host is installed with Apple Safari before 5.1.7 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly track state information during the processing of form input. Successful exploitation could allow attackers to fill in form fields on the ...

oval:org.secpod.oval:def:5668
The host is missing an important security update according to Apple advisory, APPLE-SA-2012-05-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle malicious data. Successful exploitation could allow attackers bypass s ...

oval:org.secpod.oval:def:6602
The host is installed with Apple Safari before 6.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle a crafted web site. Successful exploitation could allow attackers to disclose sensitive information.

oval:org.secpod.oval:def:6601
The host is installed with Apple Safari before 6.0 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to properly handle file: URLs. Successful exploitation could allow attackers to bypass intended sandbox restrictions and read arbitrary files.

oval:org.secpod.oval:def:6600
The host is installed with Apple Safari before 6.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle location.href property. Successful exploitation could allow attackers to inject arbitrary web script or HTML.

oval:org.secpod.oval:def:6603
The host is missing an important security update according to Apple advisory, APPLE-SA-2012-07-25-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to disclos ...

oval:org.secpod.oval:def:6587
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6586
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6585
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6584
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6589
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6588
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6583
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6582
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6581
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6580
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6598
The host is installed with Apple Safari before 6.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle drag-and-drop events. Successful exploitation could allow attackers to obtain sensitive information about full pathnames.

oval:org.secpod.oval:def:6597
The host is installed with Apple Safari before 6.0 and is prone to an incomplete blacklist vulnerability. A flaw is present in the application, which fails to properly handle malicious data. Successful exploitation could allow attackers to spoof domain names in URLs, and possibly conduct phishing at ...

oval:org.secpod.oval:def:6596
The host is installed with Apple Safari before 6.0 and is prone to a same origin bypass vulnerability. A flaw is present in the application, which fails to properly handle Cascading Style Sheets (CSS) property values. Successful exploitation could allow attackers to disclose sensitive information.

oval:org.secpod.oval:def:6595
The host is installed with Apple Safari before 6.0 and is prone to a same origin bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to disclose sensitive information.

oval:org.secpod.oval:def:6599
The host is installed with Apple Safari before 6.0 and is prone to a CRLF injection vulnerability. A flaw is present in the application, which fails to properly handle malicious data. Successful exploitation could allow attackers to inject arbitrary web script or HTML.

oval:org.secpod.oval:def:6590
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6594
The host is installed with Apple Safari before 6.0 and is prone to a same origin bypass vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to disclose sensitive information.

oval:org.secpod.oval:def:6593
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6592
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6591
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6565
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6564
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6563
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6562
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6569
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6568
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6567
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6566
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6561
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6560
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6576
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6575
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6574
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6573
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6579
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6578
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6577
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6572
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6571
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:6570
The host is installed with Apple Safari before 6.0 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle a crafted website. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

oval:org.secpod.oval:def:7732
The host is installed with Apple Safari before 6.0.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted website. Successful exploitation could allow remote attackers to obtain the Me card from an Address Book.

oval:org.secpod.oval:def:7733
The host is installed with Apple Safari before 6.0.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle https urls. Successful exploitation could allow user-assisted remote attackers to obtain sensitive information by sniffin ...

oval:org.secpod.oval:def:7731
The host is installed with Apple Safari before 6.0.1 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to handle quarantine attribute in HTML documents. Successful exploitation could allow user-assisted remote attackers to read arbitrary files by ...

oval:org.secpod.oval:def:9900
The host is missing a critical security update according to apple advisory, APPLE-SA-2013-03-14-2. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle malicious data. Successful exploitation could allow attackers t ...

oval:org.secpod.oval:def:7791
The host is missing a critical security update according to Apple advisory, APPLE-SA-2012-11-01-2. The update is required to fix multiple arbitrary code execution vulnerabilities. The flaws are present in the application, which fails to handle a maliciously crafted website. Successful exploitation c ...

oval:org.secpod.oval:def:7784
The host is missing a security update according to Apple advisory, APPLE-SA-2012-09-19-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle malicious data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:7789
The host is installed with Apple Safari before 6.0.2 on Apple Mac OS X 10.7 or later, Safari before 5.1.10 on Mac OS X 10.6.x or Apple iTunes before 11.0.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fail to handle javascript arrays. Succes ...

oval:org.secpod.oval:def:2678
The host is installed with Google Chrome before 7.0.517.44 or Apple Safari before 5.0.4 and is prone to denial of service vulnerability. A flaw is present in the application which fails to properly handle memory. Successful exploitation allows remote attackers to cause a denial of service (applicati ...

oval:org.secpod.oval:def:9896
The host is installed with Apple Safari before 6.0.3 or Apple iTunes before 11.0.3 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle malicious data. Successful exploitation could allow attackers to execute arbitrary code or cr ...

oval:org.secpod.oval:def:9897
The host is installed with Apple Safari before 6.0.3 or Apple iTunes before 11.0.3 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle malicious data. Successful exploitation could allow attackers to execute arbitrary code or cr ...

oval:org.secpod.oval:def:2000204
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ...

oval:org.secpod.oval:def:2000464
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ...

oval:org.secpod.oval:def:45942
The host is installed with Apple Safari before 11.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle memory issues. Successful exploitation may lead to arbitrary code execution.

oval:org.secpod.oval:def:2001407
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows ...

oval:org.secpod.oval:def:46817
The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to disclose sensitive information.

oval:org.secpod.oval:def:44801
The host is installed with Apple iCloud before 7.4, Apple iTunes before 12.7.4 or Google Chrome before 68.0.3440.75 and is prone to a cross-origin information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation cou ...

oval:org.secpod.oval:def:44800
The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:2000406
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ...

oval:org.secpod.oval:def:44812
The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution.

oval:org.secpod.oval:def:44814
The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution.

oval:org.secpod.oval:def:44823
The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution.

oval:org.secpod.oval:def:44824
The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution.

oval:org.secpod.oval:def:44825
The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution.

oval:org.secpod.oval:def:44826
The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution.

oval:org.secpod.oval:def:2001604
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ...

oval:org.secpod.oval:def:44821
The host is installed with Apple Safari before 11.1 and is prone to a memory corrpution vulnerability. A flaw is present in the applications, which fails to properly handle a malicious website. Successful exploitation may lead to arbitrary code execution.

oval:org.secpod.oval:def:44829
The host is installed with Apple Safari before 11.1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle a maliciously crafted web content. Successful exploitation may lead to a denial of service.

oval:org.secpod.oval:def:44830
The host is installed with Apple Safari before 11.1 or Google Chrome before 68.0.3440.75 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle a maliciously crafted web content. Successful exploitation may lead to a denial of service ...

oval:org.secpod.oval:def:44831
The host is missing a security update according to Apple advisory, APPLE-SA-2018-3-29-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sensi ...

oval:org.secpod.oval:def:2000518
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ...

oval:org.secpod.oval:def:114649
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKit2 based WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:2000168
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ...

oval:org.secpod.oval:def:704068
webkit2gtk: Web content engine library for GTK+ A security issue was fixed in WebKitGTK+.

oval:org.secpod.oval:def:2000156
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ...

oval:org.secpod.oval:def:704062
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:114541
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:2000389
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ...

oval:org.secpod.oval:def:114411
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKit2 based WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:114728
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:2001460
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ...

oval:org.secpod.oval:def:704127
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:46785
The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to disclose sensitive information.

oval:org.secpod.oval:def:46780
The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

oval:org.secpod.oval:def:46823
The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

oval:org.secpod.oval:def:51060
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:52040
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:44784
The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:44786
The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:44793
The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:44795
The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:44796
The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:44797
The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:44798
The host is installed with Apple iCloud before 7.4 or Apple iTunes before 12.7.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:45890
The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to execute a ...

oval:org.secpod.oval:def:45934
The host is installed with Apple Safari before 11.1.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the applications, which fails to properly handle maliciously crafted web content. Successful exploitation may lead to arbitrary code execution.

oval:org.secpod.oval:def:2000536
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling.

oval:org.secpod.oval:def:704284
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:46294
The host is installed with Apple iCloud before 7.6 or Apple iTunes before 12.8 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle crafted content. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:46290
The host is installed with Apple iCloud before 7.6 or Apple iTunes before 12.8 and is prone to a cross-origin data bypass vulnerability. A flaw is present in the application, which fails to properly perform audio taint tracking. Successful exploitation could allow attackers to exfiltrate audio data ...

oval:org.secpod.oval:def:46304
The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a malicious website. Successful exploitation could allow attackers to spoof address bars or ...

oval:org.secpod.oval:def:46307
The host is installed with Apple Safari before 11.1.2 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a malicious website. Successful exploitation allows attackers to exfiltrate cross-origin the sound fetched through audio elements.

oval:org.secpod.oval:def:46311
The host is installed with Apple Safari before 11.1.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle multiple memory corruption issues. Successful exploitation allows attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:46303
The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-7. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ...

oval:org.secpod.oval:def:46302
The host is missing a security update according to Apple advisory, APPLE-SA-2018-7-9-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ...

oval:org.secpod.oval:def:45886
The host is installed with Apple iCloud before 7.5 or Apple iTunes before 12.7.5 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:703931
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:44922
The host is installed with Apple iCloud before 7.2 or Apple iTunes before 12.7.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:44923
The host is installed with Apple iCloud before 7.2 or Apple iTunes before 12.7.2 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle memory. Successful exploitation could allow attackers to execute arbitrary code.

oval:org.secpod.oval:def:113665
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:42608
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:42609
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:42619
The host is missing a security update according to Apple advisory, APPLE-SA-2017-10-31-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to ...

oval:org.secpod.oval:def:42618
The host is missing a security update according to Apple advisory, APPLE-SA-2017-10-31-5. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation allow attackers to perf ...

oval:org.secpod.oval:def:42617
The host is installed with Apple Safari before 11.0.1 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could allow attackers to lead to arbitrary code execution.

oval:org.secpod.oval:def:44916
The host is installed with Apple Safari before 11.0.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation may lead to arbitrary code execution.

oval:org.secpod.oval:def:113634
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:113991
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:51986
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:113825
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:113612
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:113854
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:113936
WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

oval:org.secpod.oval:def:703886
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:43212
The host is missing a security update according to Apple advisory, APPLE-SA-2017-12-13-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successful exploitation c ...

oval:org.secpod.oval:def:43213
The host is missing a security update according to apple advisory, APPLE-SA-2017-12-13-4. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content or client certificates. Successf ...

oval:org.secpod.oval:def:703972
webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+.

oval:org.secpod.oval:def:43587
The host is missing a security update according to apple advisory, APPLE-SA-2018-1-23-6. The update is required to fix multiple memory corruption vulnerabilities.The flaws are present in the application, which fails to properly handle maliciously crafted web content. Successful exploitation could al ...

oval:org.secpod.oval:def:3497
The host is installed with Apple Safari before 4.0.5 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle user supplied input. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:3492
The host is installed with Apple Safari before 4.0.5 and is prone to use-after-free vulnerability. A flaw is present in the application, which fails to handle a HTML document with improperly nested tags. Successful exploitation could allow attackers to crash the service.

oval:org.secpod.oval:def:3486
The host is installed with Apple Safari before 5.0.4 and is prone to multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to crash the service.

oval:org.mitre.oval:def:7587
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.

oval:org.secpod.oval:def:14274
The host is missing an important security update according to Apple advisory, APPLE-SA-2009-11-11-1. The update is required to fix multiple vulnerabilities. The flaw is present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash the ...

oval:org.secpod.oval:def:14890
The host is missing an important security update according to Apple advisory, APPLE-SA-2009-11-11-1. The update is required to fix multiple vulnerabilities. The flaw are present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash th ...

oval:org.secpod.oval:def:1800708
CVE-2017-5753 Versions affected: WebKitGTK+ before 2.18.5.Impact: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis. This variant of the Spectre vulnerability triggers the spe ...

oval:org.secpod.oval:def:17340
The host is missing a security update according to APPLE-SA-2011-03-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to properly handle memory. Successful exploitation allows remote attackers to execute arbitrary code.

oval:org.secpod.oval:def:2677
The host is missing a security update according to APPLE-SA-2011-03-09-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application which fails to properly handle memory. Successful exploitation allows remote attackers to execute arbitrary code.

oval:org.secpod.oval:def:46789
The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

oval:org.secpod.oval:def:46752
The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact.

oval:org.secpod.oval:def:46827
The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

oval:org.secpod.oval:def:46821
The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

oval:org.secpod.oval:def:115120
Chromium is an open-source web browser, powered by WebKit .

oval:org.secpod.oval:def:53380
Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-4117 AhsanEjaz discovered an information leak. Rob Wu discovered a way to escalate privileges using extensions. CVE-2018-6150 Rob Wu discovered an information disclosure issue . CVE-2018-6151 Rob Wu discovered an issu ...

oval:org.secpod.oval:def:115022
Chromium is an open-source web browser, powered by WebKit .

CVE    263
CVE-2011-1295
CVE-2011-1344
CVE-2011-3242
CVE-2011-3243
...
*CPE
cpe:/a:apple:safari:4.0.0b

© SecPod Technologies