Safari CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (1593 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-40857	1 Apple	7 Ipados, Iphone Os, Macos and 4 more	2025-11-04	6.1 Medium
This issue was addressed through improved state management. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2024-44308	3 Apple, Debian, Redhat	8 Ipad Os, Ipados, Iphone Os and 5 more	2025-11-04	8.8 High
The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
CVE-2024-44309	3 Apple, Debian, Redhat	13 Ipad Os, Ipados, Iphone Os and 10 more	2025-11-04	6.3 Medium
A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
CVE-2025-43327	1 Apple	2 Macos, Safari	2025-11-04	6.5 Medium
The issue was addressed by adding additional logic. This issue is fixed in Safari 26. Visiting a malicious website may lead to address bar spoofing.
CVE-2025-31254	1 Apple	5 Ios, Ipad Os, Ipados and 2 more	2025-11-04	5.4 Medium
This issue was addressed with improved URL validation. This issue is fixed in Safari 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to unexpected URL redirection.
CVE-2024-54534	2 Apple, Redhat	13 Ipados, Iphone Os, Macos and 10 more	2025-11-03	8.8 High
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption.
CVE-2024-54508	2 Apple, Redhat	13 Ipados, Iphone Os, Macos and 10 more	2025-11-03	7.5 High
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2024-54505	2 Apple, Redhat	13 Ipados, Iphone Os, Macos and 10 more	2025-11-03	6.5 Medium
A type confusion issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption.
CVE-2024-54502	2 Apple, Redhat	13 Ipados, Iphone Os, Macos and 10 more	2025-11-03	6.5 Medium
The issue was addressed with improved checks. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2024-54479	2 Apple, Redhat	13 Ipados, Iphone Os, Macos and 10 more	2025-11-03	7.5 High
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2024-44296	2 Apple, Redhat	10 Ipados, Iphone Os, Macos and 7 more	2025-11-03	5.4 Medium
The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
CVE-2024-44259	1 Apple	6 Ios, Ipados, Iphone Os and 3 more	2025-11-03	8.8 High
This issue was addressed through improved state management. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. An attacker may be able to misuse a trust relationship to download malicious content.
CVE-2025-31192	1 Apple	4 Ipados, Iphone Os, Macos and 1 more	2025-11-03	6.7 Medium
The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A website may be able to access sensor information without user consent.
CVE-2025-31184	1 Apple	5 Ipados, Iphone Os, Macos and 2 more	2025-11-03	7.8 High
This issue was addressed with improved permissions checking. This issue is fixed in Safari 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may gain unauthorized access to Local Network.
CVE-2025-30467	1 Apple	4 Ipados, Iphone Os, Macos and 1 more	2025-11-03	4.3 Medium
The issue was addressed with improved checks. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Visiting a malicious website may lead to address bar spoofing.
CVE-2025-30427	2 Apple, Redhat	13 Ipados, Iphone Os, Macos and 10 more	2025-11-03	4.3 Medium
A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2025-30425	1 Apple	5 Ipados, Iphone Os, Macos and 2 more	2025-11-03	4.3 Medium
This issue was addressed through improved state management. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. A malicious website may be able to track users in Safari private browsing mode.
CVE-2025-24264	2 Apple, Redhat	11 Ipados, Iphone Os, Macos and 8 more	2025-11-03	9.8 Critical
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, Safari 18.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2024-44246	1 Apple	4 Ipados, Iphone Os, Macos and 1 more	2025-11-03	4.3 Medium
The issue was addressed with improved routing of Safari-originated requests. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, Safari 18.2, iPadOS 17.7.3. On a device with Private Relay enabled, adding a website to the Safari Reading List may reveal the originating IP address to the website.
CVE-2024-44244	2 Apple, Redhat	13 Ipados, Iphone Os, Macos and 10 more	2025-11-03	4.3 Medium
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may lead to an unexpected process crash.

« first previous Page 5 of 80. next last »