Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webkitgtk webkitgtk vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-25363
A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK prior to 2.36.8 allows malicious users to execute code remotely.
Webkitgtk Webkitgtk
5.3
CVSSv3
CVE-2013-7324
Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote malicious users to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing practices for GNOME de...
Webkitgtk Webkitgtk
7.5
CVSSv3
CVE-2015-2330
Late TLS certificate verification in WebKitGTK+ before 2.6.6 allows remote malicious users to view a secure HTTP request, including, for example, secure cookies.
Webkitgtk Webkitgtk
NA
CVE-2010-1807
WebKit in Apple Safari 4.x prior to 4.1.2 and 5.x prior to 5.0.2; Android prior to 2.2; and webkitgtk prior to 1.2.6; does not properly validate floating-point data, which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via...
Apple Safari 4.0.5
Apple Safari 4.1
Apple Safari 4.0.0b
Apple Safari 4.1.1
Apple Safari 4.0
Apple Safari 4.0.3
Apple Safari 4.0.4
Apple Safari 4.0.1
Apple Safari 4.0.2
Apple Safari 5.0.1
Apple Safari 5.0
Google Android
Google Android 1.6
Google Android 1.5
Google Android 2.0
Google Android 1.1
Google Android 1.0
Webkitgtk Webkitgtk 1.2.0
Webkitgtk Webkitgtk 1.2.2
Webkitgtk Webkitgtk 1.2.1
Webkitgtk Webkitgtk 1.2.4
Webkitgtk Webkitgtk 1.2.3
2 EDB exploits
8.8
CVSSv3
CVE-2021-21806
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability.
Webkitgtk Webkitgtk 2.30.3
8.8
CVSSv3
CVE-2020-13558
A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.
Webkitgtk Webkitgtk 2.30.1
8.8
CVSSv3
CVE-2020-13543
A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerab...
Webkitgtk Webkitgtk 2.30.0
NA
CVE-2010-3255
Google Chrome prior to 6.0.472.53 and webkitgtk prior to 1.2.6 do not properly handle counter nodes, which allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Google Chrome
Webkitgtk Webkitgtk
6.5
CVSSv3
CVE-2018-11713
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be ...
Webkitgtk Webkitgtk\\+
Gnome Libsoup
6.1
CVSSv3
CVE-2019-8764
A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting.
Apple Watchos
Webkitgtk Webkitgtk\\+
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »