This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication.
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-03-08
Updated
2024-03-14
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A user's private browsing activity may be visible in Settings.
Max CVSS
3.3
EPSS Score
0.05%
Published
2024-01-23
Updated
2024-02-26
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing.
Max CVSS
4.3
EPSS Score
0.32%
Published
2023-02-27
Updated
2023-12-28
A logic issue was addressed with improved state management. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. A website may be able to track users through Safari web extensions.
Max CVSS
4.3
EPSS Score
0.21%
Published
2022-09-20
Updated
2022-12-08
A user interface issue was addressed. This issue is fixed in watchOS 8.5, Safari 15.4. Visiting a malicious website may lead to address bar spoofing.
Max CVSS
4.3
EPSS Score
0.08%
Published
2022-03-18
Updated
2022-03-24
The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14.0, iOS 14.0 and iPadOS 14.0. Visiting a malicious website may lead to address bar spoofing.
Max CVSS
4.3
EPSS Score
0.10%
Published
2020-12-08
Updated
2023-01-09
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 14.0. Visiting a malicious website may lead to address bar spoofing.
Max CVSS
4.3
EPSS Score
0.08%
Published
2020-12-08
Updated
2020-12-09
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, Safari 14.0.1. Visiting a malicious website may lead to address bar spoofing.
Max CVSS
4.3
EPSS Score
0.13%
Published
2020-12-08
Updated
2022-06-02
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, Safari 13.1.2. Visiting a malicious website may lead to address bar spoofing.
Max CVSS
4.3
EPSS Score
0.13%
Published
2020-12-08
Updated
2022-06-02
A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode.
Max CVSS
3.3
EPSS Score
0.04%
Published
2020-10-16
Updated
2020-10-20
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
Max CVSS
4.3
EPSS Score
0.43%
Published
2020-10-16
Updated
2023-01-09
A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1. A malicious iframe may use another website’s download settings.
Max CVSS
4.3
EPSS Score
0.10%
Published
2020-04-01
Updated
2020-04-03
A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory.
Max CVSS
3.1
EPSS Score
1.78%
Published
2020-04-01
Updated
2022-06-02
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated.
Max CVSS
4.3
EPSS Score
0.23%
Published
2020-04-01
Updated
2020-04-03
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed.
Max CVSS
4.3
EPSS Score
0.23%
Published
2020-04-01
Updated
2022-05-31
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.5. Visiting a malicious website may lead to address bar spoofing.
Max CVSS
4.3
EPSS Score
0.08%
Published
2020-02-27
Updated
2020-03-02
An information disclosure issue existed in the handling of the Storage Access API. This issue was addressed with improved logic. This issue is fixed in iOS 13.3 and iPadOS 13.3, tvOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows. Visiting a maliciously crafted website may reveal sites a user has visited.
Max CVSS
4.3
EPSS Score
0.11%
Published
2020-10-27
Updated
2021-07-21
The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. Visiting a maliciously crafted website may reveal the sites a user has visited.
Max CVSS
4.3
EPSS Score
0.17%
Published
2020-10-27
Updated
2020-10-29
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6, Safari 12.1.2. Visiting a malicious website may lead to address bar spoofing.
Max CVSS
4.3
EPSS Score
0.08%
Published
2019-12-18
Updated
2019-12-19
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2.
Max CVSS
4.3
EPSS Score
0.05%
Published
2019-04-03
Updated
2019-04-05
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
Max CVSS
4.3
EPSS Score
0.16%
Published
2019-04-03
Updated
2019-04-05
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12.
Max CVSS
4.3
EPSS Score
0.08%
Published
2019-04-03
Updated
2019-04-04
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.
Max CVSS
4.3
EPSS Score
0.58%
Published
2019-01-11
Updated
2020-08-24
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to overwrite cookies via a crafted web site.
Max CVSS
4.3
EPSS Score
0.42%
Published
2018-06-08
Updated
2019-10-03
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling.
Max CVSS
4.3
EPSS Score
0.23%
Published
2017-10-23
Updated
2017-10-26
170 vulnerabilities found
1 2 3 4 5 6 7
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!