Filtered by vendor Webkitgtk Subscriptions
Total 120 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-2363 2 Apple, Webkitgtk 5 Iphone Os, Safari, Tvos and 2 more 2024-08-05 N/A
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVE-2017-2373 2 Apple, Webkitgtk 4 Iphone Os, Safari, Tvos and 1 more 2024-08-05 N/A
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-2350 2 Apple, Webkitgtk 4 Iphone Os, Safari, Tvos and 1 more 2024-08-05 N/A
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVE-2017-2354 2 Apple, Webkitgtk 6 Icloud, Iphone Os, Itunes and 3 more 2024-08-05 N/A
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-2355 2 Apple, Webkitgtk 6 Icloud, Iphone Os, Itunes and 3 more 2024-08-05 N/A
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access and application crash) via a crafted web site.
CVE-2017-2356 2 Apple, Webkitgtk 6 Icloud, Iphone Os, Itunes and 3 more 2024-08-05 N/A
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before 6.1.1 is affected. iTunes before 12.5.5 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2017-2360 2 Apple, Webkitgtk 5 Iphone Os, Mac Os X, Tvos and 2 more 2024-08-05 N/A
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.
CVE-2018-12911 2 Canonical, Webkitgtk 2 Ubuntu Linux, Webkitgtk\+ 2024-08-05 N/A
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.
CVE-2018-12293 3 Canonical, Webkitgtk, Wpewebkit 3 Ubuntu Linux, Webkitgtk\+, Wpe Webkit 2024-08-05 N/A
The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which could be abused by crafted HTML content.
CVE-2018-11713 3 Gnome, Redhat, Webkitgtk 3 Libsoup, Enterprise Linux, Webkitgtk\+ 2024-08-05 N/A
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be deanonymized by crafted web sites via a WebSocket connection.
CVE-2018-11712 2 Redhat, Webkitgtk 2 Enterprise Linux, Webkitgtk\+ 2024-08-05 N/A
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections.
CVE-2018-11646 1 Webkitgtk 1 Webkitgtk\+ 2024-08-05 N/A
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.
CVE-2018-4162 4 Apple, Canonical, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2024-08-05 N/A
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-4207 4 Apple, Canonical, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2024-08-05 N/A
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
CVE-2018-4212 4 Apple, Canonical, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2024-08-05 N/A
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
CVE-2018-4213 4 Apple, Canonical, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2024-08-05 N/A
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
CVE-2018-4163 4 Apple, Canonical, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2024-08-05 N/A
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-4208 4 Apple, Canonical, Microsoft and 1 more 9 Icloud, Iphone Os, Itunes and 6 more 2024-08-05 N/A
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
CVE-2018-4127 4 Apple, Canonical, Microsoft and 1 more 8 Icloud, Iphone Os, Itunes and 5 more 2024-08-05 N/A
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
CVE-2018-4210 4 Apple, Canonical, Microsoft and 1 more 8 Iphone Os, Itunes, Safari and 5 more 2024-08-05 N/A
In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.