Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Safari  Security Vulnerabilities
CVE-2014-1313
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
CVSS Score
6.8
EPSS Score
0.008
Published
2014-04-02
CVE-2014-1297
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not properly validate WebProcess IPC messages, which allows remote attackers to bypass a sandbox protection mechanism and read arbitrary files by leveraging WebProcess access.
CVSS Score
5.0
EPSS Score
0.002
Published
2014-04-02
CVE-2014-1298
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
CVSS Score
6.8
EPSS Score
0.016
Published
2014-04-02
CVE-2014-1299
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
CVSS Score
6.8
EPSS Score
0.008
Published
2014-04-02
CVE-2014-1301
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
CVSS Score
6.8
EPSS Score
0.013
Published
2014-04-02
CVE-2014-1302
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
CVSS Score
6.8
EPSS Score
0.018
Published
2014-04-02
CVE-2014-1304
WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1.
CVSS Score
6.8
EPSS Score
0.016
Published
2014-04-02
CVE-2014-1300
Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014.
CVSS Score
10.0
EPSS Score
0.085
Published
2014-03-26
CVE-2014-1303
Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014.
CVSS Score
10.0
EPSS Score
0.317
Published
2014-03-26
CVE-2013-6835
TelephonyUI Framework in Apple iOS 7 before 7.1, when Safari is used, does not require user confirmation for FaceTime audio calls, which allows remote attackers to obtain telephone number or e-mail address information via a facetime-audio: URL.
CVSS Score
5.0
EPSS Score
0.195
Published
2014-03-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved