Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome epiphany vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-8375
The UIProcess subsystem in WebKit, as used in WebKitGTK up to and including 2.23.90 and WebKitGTK+ up to and including 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote malicious users to cause a denial of ser...
Webkitgtk Webkitgtk
Webkitgtk Webkitgtk\\+
Opensuse Leap 15.0
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
1 EDB exploit
9.8
CVSSv3
CVE-2010-1205
Buffer overflow in pngpread.c in libpng prior to 1.2.44 and 1.4.x prior to 1.4.3, as used in progressive applications, might allow remote malicious users to execute arbitrary code via a PNG image that triggers an additional data row.
Libpng Libpng
Google Chrome
Apple Itunes
Apple Safari
Apple Iphone Os
Apple Mac Os X Server
Apple Mac Os X
Fedoraproject Fedora 13
Fedoraproject Fedora 12
Suse Linux Enterprise Server 10
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.2
Vmware Player
Vmware Workstation
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
1 EDB exploit
8.8
CVSSv3
CVE-2010-2753
Integer overflow in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, Thunderbird 3.0.x prior to 3.0.6 and 3.1.x prior to 3.1.1, and SeaMonkey prior to 2.0.6 allows remote malicious users to execute arbitrary code via a large selection attribute in a XUL tree elemen...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird 3.1
Mozilla Thunderbird
Suse Linux Enterprise Desktop 11
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Software Development Kit 11
8.8
CVSSv3
CVE-2010-1208
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via vectors related to deletion o...
Mozilla Firefox
Mozilla Seamonkey
8.1
CVSSv3
CVE-2019-6251
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge.
Gnome Epiphany
Wpewebkit Wpe Webkit
Webkitgtk Webkitgtk
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Opensuse Leap 42.3
Opensuse Leap 15.0
7.5
CVSSv3
CVE-2023-26081
In Epiphany (aka GNOME Web) up to and including 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.
Gnome Epiphany
Fedoraproject Fedora 37
7.5
CVSSv3
CVE-2022-29536
In GNOME Epiphany prior to 41.4 and 42.x prior to 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
Gnome Epiphany
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2018-12016
libephymain.so in GNOME Web (aka Epiphany) up to and including 3.28.2.1 allows remote malicious users to cause a denial of service (application crash) via certain window.open and document.write calls.
Gnome Epiphany
7.5
CVSSv3
CVE-2018-11396
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) up to and including 3.28.2.1 allows remote malicious users to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
Gnome Epiphany
1 Github repository
7.5
CVSSv3
CVE-2017-1000025
GNOME Web (Epiphany) 3.23 prior to 3.23.5, 3.22 prior to 3.22.6, 3.20 prior to 3.20.7, 3.18 prior to 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.
Gnome Epiphany 3.23.1.2
Gnome Epiphany 3.18.0
Gnome Epiphany 3.18.1
Gnome Epiphany 3.18.4
Gnome Epiphany 3.18.6
Gnome Epiphany 3.20.0
Gnome Epiphany 3.20.2
Gnome Epiphany 3.20.4
Gnome Epiphany 3.22.2
Gnome Epiphany 3.22.4
Gnome Epiphany 3.18.2
Gnome Epiphany 3.20.5
Gnome Epiphany 3.20.6
Gnome Epiphany 3.22.0
Gnome Epiphany 3.22.1
Gnome Epiphany 3.18.7
Gnome Epiphany 3.18.8
Gnome Epiphany 3.18.9
Gnome Epiphany 3.18.10
Gnome Epiphany 3.23.1
Gnome Epiphany 3.23.2
Gnome Epiphany 3.23.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »