Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webkit vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-12294
WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object.
Webkit Webkitgtk\\+
NA
CVE-2010-1126
The JavaScript implementation in WebKit allows remote malicious users to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.
Apple Webkit
NA
CVE-2010-2441
WebKit does not properly restrict focus changes, which allows remote malicious users to read keystrokes via "cross-domain IFRAME gadgets," a different vulnerability than CVE-2010-1126, CVE-2010-1422, and CVE-2010-2295.
Apple Webkit
NA
CVE-2008-1590
JavaScriptCore in WebKit on Apple iPhone prior to 2.0 and iPod touch prior to 2.0 does not properly perform runtime garbage collection, which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trig...
Webkit Javascriptcore
8.8
CVSSv3
CVE-2016-4589
WebKit in Apple iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4622, CVE-2016-4623, and CVE...
Apple Webkit
7.5
CVSSv3
CVE-2016-4591
WebKit in Apple iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2 mishandles the location variable, which allows remote malicious users to access the local filesystem via unspecified vectors.
Apple Webkit
NA
CVE-2010-1729
WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote malicious users to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.
Apple Safari
Apple Webkit
3.1
CVSSv3
CVE-2016-4583
WebKit in Apple iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2 allows remote malicious users to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document.
Apple Webkit -
Webkitgtk Webkitgtk\\+
5.4
CVSSv3
CVE-2016-4590
WebKit in Apple iOS prior to 9.3.3 and Safari prior to 9.1.2 mishandles about: URLs, which allows remote malicious users to bypass the Same Origin Policy via a crafted web site.
Apple Webkit
Apple Safari
6.5
CVSSv3
CVE-2016-4592
WebKit in Apple iOS prior to 9.3.3, Safari prior to 9.1.2, and tvOS prior to 9.2.2 allows remote malicious users to cause a denial of service (memory consumption) via a crafted web site.
Apple Webkit -
Webkitgtk Webkitgtk\\+
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »