Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webkitgtk vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-11712
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections.
Webkitgtk Webkitgtk\\+ 2.20.1
Webkitgtk Webkitgtk\\+ 2.20.0
8.8
CVSSv3
CVE-2023-25360
A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK prior to 2.36.8 allows malicious users to execute code remotely.
Webkitgtk Webkitgtk
8.8
CVSSv3
CVE-2023-25361
A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK prior to 2.36.8 allows malicious users to execute code remotely.
Webkitgtk Webkitgtk
8.8
CVSSv3
CVE-2023-25362
A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK prior to 2.36.8 allows malicious users to execute code remotely.
Webkitgtk Webkitgtk
8.8
CVSSv3
CVE-2023-25363
A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK prior to 2.36.8 allows malicious users to execute code remotely.
Webkitgtk Webkitgtk
5.3
CVSSv3
CVE-2017-1000122
The UNIX IPC layer in WebKit, including WebKitGTK+ before 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple products.
Webkitgtk Webkitgtk\\+
7.5
CVSSv3
CVE-2015-2330
Late TLS certificate verification in WebKitGTK+ before 2.6.6 allows remote malicious users to view a secure HTTP request, including, for example, secure cookies.
Webkitgtk Webkitgtk
6.5
CVSSv3
CVE-2021-45481
In WebKitGTK prior to 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889.
Webkitgtk Webkitgtk
6.5
CVSSv3
CVE-2021-45482
In WebKitGTK prior to 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-2021-30889.
Webkitgtk Webkitgtk
6.5
CVSSv3
CVE-2021-45483
In WebKitGTK prior to 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.
Webkitgtk Webkitgtk
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »