Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
webkitgtk webkitgtk vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-11712
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections....
Webkitgtk Webkitgtk\\+ 2.20.1
Webkitgtk Webkitgtk\\+ 2.20.0
5.3
CVSSv3
CVE-2017-1000122
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple products....
Webkitgtk Webkitgtk\\+
6.5
CVSSv3
CVE-2021-45481
In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889....
Webkitgtk Webkitgtk
8.8
CVSSv3
CVE-2020-13558
A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free....
Webkitgtk Webkitgtk 2.30.1
1 Github repository available
5.3
CVSSv3
CVE-2013-7324
Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing practices for GNOME desktop...
Webkitgtk Webkitgtk
7.5
CVSSv3
CVE-2018-11646
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash....
Webkitgtk Webkitgtk\\+
2 EDB exploits available
1 Metasploit module available
6.5
CVSSv3
CVE-2021-45483
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889....
Webkitgtk Webkitgtk
9.8
CVSSv3
CVE-2019-8375
The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of service (Buffer Overflow) or...
Webkitgtk Webkitgtk
Webkitgtk Webkitgtk\\+
Opensuse Leap 15.0
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
1 EDB exploit available
1 Github repository available
8.8
CVSSv3
CVE-2021-21806
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability....
Webkitgtk Webkitgtk 2.30.3
8.8
CVSSv3
CVE-2020-13543
A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this...
Webkitgtk Webkitgtk 2.30.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-31805
dos
CVE-2022-26727
CVE-2022-26712
CVE-2022-1529
CVE-2022-20807
template injection
CVE-2022-26690
cross-site scripting
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »
Vulmon