Filtered by vendor Webkitgtk
Subscriptions
Filtered by product Webkitgtk\+
Subscriptions
Total
63 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-1000121 | 1 Webkitgtk | 1 Webkitgtk\+ | 2024-11-14 | 9.8 Critical |
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products. | ||||
CVE-2022-42826 | 3 Apple, Redhat, Webkitgtk | 6 Ipados, Iphone Os, Macos and 3 more | 2024-10-09 | 8.8 High |
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
CVE-2017-1000122 | 1 Webkitgtk | 1 Webkitgtk\+ | 2024-09-17 | N/A |
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process. This vulnerability does not affect Apple products. | ||||
CVE-2023-41993 | 7 Apple, Debian, Fedoraproject and 4 more | 14 Ipados, Iphone Os, Macos and 11 more | 2024-09-03 | 8.8 High |
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. | ||||
CVE-2023-42916 | 5 Apple, Debian, Fedoraproject and 2 more | 8 Ipados, Iphone Os, Macos and 5 more | 2024-08-14 | 6.5 Medium |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. | ||||
CVE-2016-4761 | 2 Canonical, Webkitgtk | 2 Ubuntu Linux, Webkitgtk\+ | 2024-08-06 | 8.8 High |
WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS | ||||
CVE-2016-4583 | 2 Apple, Webkitgtk | 5 Iphone Os, Safari, Tvos and 2 more | 2024-08-06 | N/A |
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from an unintended web site via a timing attack involving an SVG document. | ||||
CVE-2016-4592 | 2 Apple, Webkitgtk | 5 Iphone Os, Safari, Tvos and 2 more | 2024-08-06 | N/A |
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted web site. | ||||
CVE-2016-1856 | 2 Apple, Webkitgtk | 4 Iphone Os, Safari, Tvos and 1 more | 2024-08-05 | N/A |
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1857. | ||||
CVE-2016-1858 | 2 Apple, Webkitgtk | 4 Iphone Os, Safari, Tvos and 1 more | 2024-08-05 | N/A |
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which allows remote attackers to obtain sensitive information via a crafted web site. | ||||
CVE-2016-1859 | 2 Apple, Webkitgtk | 4 Iphone Os, Safari, Tvos and 1 more | 2024-08-05 | N/A |
The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | ||||
CVE-2016-1857 | 2 Apple, Webkitgtk | 4 Iphone Os, Safari, Tvos and 1 more | 2024-08-05 | N/A |
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1854, CVE-2016-1855, and CVE-2016-1856. | ||||
CVE-2016-1854 | 2 Apple, Webkitgtk | 4 Iphone Os, Safari, Tvos and 1 more | 2024-08-05 | N/A |
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1855, CVE-2016-1856, and CVE-2016-1857. | ||||
CVE-2016-1783 | 2 Apple, Webkitgtk | 4 Iphone Os, Safari, Tvos and 1 more | 2024-08-05 | N/A |
WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | ||||
CVE-2016-1724 | 2 Apple, Webkitgtk | 5 Iphone Os, Safari, Tvos and 2 more | 2024-08-05 | N/A |
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1727. | ||||
CVE-2016-1727 | 2 Apple, Webkitgtk | 5 Iphone Os, Safari, Tvos and 2 more | 2024-08-05 | N/A |
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-1724. | ||||
CVE-2017-2369 | 2 Apple, Webkitgtk | 4 Iphone Os, Safari, Tvos and 1 more | 2024-08-05 | N/A |
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | ||||
CVE-2017-2365 | 2 Apple, Webkitgtk | 4 Iphone Os, Safari, Tvos and 1 more | 2024-08-05 | N/A |
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | ||||
CVE-2017-2363 | 2 Apple, Webkitgtk | 5 Iphone Os, Safari, Tvos and 2 more | 2024-08-05 | N/A |
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | ||||
CVE-2017-2373 | 2 Apple, Webkitgtk | 4 Iphone Os, Safari, Tvos and 1 more | 2024-08-05 | N/A |
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. |