Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webkitgtk vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-8375
The UIProcess subsystem in WebKit, as used in WebKitGTK up to and including 2.23.90 and WebKitGTK+ up to and including 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote malicious users to cause a denial of ser...
Webkitgtk Webkitgtk
Webkitgtk Webkitgtk\\+
Opensuse Leap 15.0
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
1 EDB exploit
9.8
CVSSv3
CVE-2018-12911
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.
Webkitgtk Webkitgtk\\+ 2.20.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
9.8
CVSSv3
CVE-2017-1000121
The UNIX IPC layer in WebKit, including WebKitGTK+ before 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple p...
Webkitgtk Webkitgtk\\+
9.8
CVSSv3
CVE-2010-4197
Use-after-free vulnerability in WebKit, as used in Google Chrome prior to 7.0.517.44, webkitgtk prior to 1.2.6, and other products, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via vectors involving text editing.
Google Chrome
Webkitgtk Webkitgtk
Fedoraproject Fedora 13
9.8
CVSSv3
CVE-2010-4204
WebKit, as used in Google Chrome prior to 7.0.517.44, webkitgtk prior to 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote malicious users to cause a denial of service or possibly have unspecified other impact via unknown...
Google Chrome
Webkitgtk Webkitgtk
Fedoraproject Fedora 13
9.6
CVSSv3
CVE-2016-4734
WebKit in Apple iOS prior to 10, Safari prior to 10, and tvOS prior to 10 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4733, a...
Apple Safari
Apple Iphone Os
Apple Tvos
8.8
CVSSv3
CVE-2023-42950
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution.
Apple Macos
Apple Safari
Apple Watchos
Apple Iphone Os
Apple Ipados
Apple Tvos
8.8
CVSSv3
CVE-2024-23213
The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution.
Apple Macos
Apple Iphone Os
Apple Ipados
Apple Watchos
Apple Tvos
Apple Safari
8.8
CVSSv3
CVE-2024-23222
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been expl...
Apple Macos
Apple Iphone Os
Apple Ipados
Apple Tvos
Apple Safari
Apple Visionos
2 Articles
8.8
CVSSv3
CVE-2023-42833
A correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. Processing web content may lead to arbitrary code execution.
Apple Macos
Apple Iphone Os
Apple Ipados
Apple Safari
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »