Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webkitgtk vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2010-1792
WebKit in Apple Safari prior to 5.0.1 on Mac OS X 10.5 up to and including 10.6 and Windows, and prior to 4.1.1 on Mac OS X 10.4; and webkitgtk prior to 1.2.6; allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application ...
Apple Safari
Apple Safari 4.0.5
Apple Webkit
Apple Safari 4.0.4
Apple Safari 4.0.3
Apple Safari 4.0.1
Apple Safari 4.0
Apple Safari 4.0.0b
Apple Safari 4.0.2
9.3
CVSSv2
CVE-2010-1783
WebKit in Apple Safari prior to 5.0.1 on Mac OS X 10.5 up to and including 10.6 and Windows, and prior to 4.1.1 on Mac OS X 10.4; and webkitgtk prior to 1.2.6; does not properly handle dynamic modification of a text node, which allows remote malicious users to execute arbitrary c...
Apple Safari 4.0.4
Apple Safari 4.0.3
Apple Safari 4.0.1
Apple Safari 4.0
Apple Safari 4.0.0b
Apple Safari 4.0.2
Apple Safari
Apple Safari 4.0.5
Apple Webkit
7.8
CVSSv2
CVE-2016-4591
WebKit in Apple iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2 mishandles the location variable, which allows remote malicious users to access the local filesystem via unspecified vectors.
Apple Webkit
7.5
CVSSv2
CVE-2021-1870
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a re...
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Iphone Os
Apple Ipad Os
Apple Macos
Webkitgtk Webkitgtk
Fedoraproject Fedora 32
Fedoraproject Fedora 33
1 Article
7.5
CVSSv2
CVE-2021-1871
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. A remote attacker may be able to cause arbitrary code execution. Apple is aware of a re...
Apple Mac Os X
Apple Mac Os X 10.15.7
Apple Iphone Os
Apple Ipad Os
Apple Macos
Debian Debian Linux 10.0
Fedoraproject Fedora 33
1 Article
7.5
CVSSv2
CVE-2020-13753
The bubblewrap sandbox of WebKitGTK and WPE WebKit, before 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbox. TIOCSTI can be used to direct...
Wpewebkit Wpe Webkit
Webkitgtk Webkitgtk
Fedoraproject Fedora 31
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
7.5
CVSSv2
CVE-2020-10018
WebKitGTK up to and including 2.26.4 and WPE WebKit up to and including 2.26.4 (which are the versions right prior to 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory ha...
Webkitgtk Webkitgtk
Wpewebkit Wpe Webkit
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Opensuse Leap 15.1
7.5
CVSSv2
CVE-2019-8375
The UIProcess subsystem in WebKit, as used in WebKitGTK up to and including 2.23.90 and WebKitGTK+ up to and including 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote malicious users to cause a denial of ser...
Webkitgtk Webkitgtk
Webkitgtk Webkitgtk\\+
Opensuse Leap 15.0
Opensuse Leap 42.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
1 EDB exploit
7.5
CVSSv2
CVE-2018-12911
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.
Webkitgtk Webkitgtk\\+ 2.20.3
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
7.5
CVSSv2
CVE-2017-1000121
The UNIX IPC layer in WebKit, including WebKitGTK+ before 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple p...
Webkitgtk Webkitgtk\\+
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »