Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webkitgtk webkitgtk vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-25362
A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK prior to 2.36.8 allows malicious users to execute code remotely.
Webkitgtk Webkitgtk
8.8
CVSSv3
CVE-2023-25363
A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK prior to 2.36.8 allows malicious users to execute code remotely.
Webkitgtk Webkitgtk
5.3
CVSSv3
CVE-2017-1000122
The UNIX IPC layer in WebKit, including WebKitGTK+ before 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple products.
Webkitgtk Webkitgtk+
9.8
CVSSv3
CVE-2017-1000121
The UNIX IPC layer in WebKit, including WebKitGTK+ before 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple p...
Webkitgtk Webkitgtk+
8.8
CVSSv3
CVE-2021-21806
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability.
Webkitgtk Webkitgtk 2.30.3
8.8
CVSSv3
CVE-2020-13543
A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerab...
Webkitgtk Webkitgtk 2.30.0
8.8
CVSSv3
CVE-2020-13558
A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.
Webkitgtk Webkitgtk 2.30.1
9.8
CVSSv3
CVE-2019-8375
The UIProcess subsystem in WebKit, as used in WebKitGTK up to and including 2.23.90 and WebKitGTK+ up to and including 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote malicious users to cause a denial of ser...
Webkitgtk Webkitgtk
Webkitgtk Webkitgtk+
Opensuse Leap 42.3
Opensuse Leap 15.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
1 EDB exploit
3.1
CVSSv3
CVE-2016-4583
WebKit in Apple iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2 allows remote malicious users to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document.
Apple Webkit -
Webkitgtk Webkitgtk+
6.5
CVSSv3
CVE-2016-4592
WebKit in Apple iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2 allows remote malicious users to cause a denial of service (memory consumption) via a crafted web site.
Apple Webkit -
Webkitgtk Webkitgtk+
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »