Lucene search
+L

95 matches found

OSV
OSV
added 2022/06/01 12:0 a.m.37 views

DSA-5155-1 wpewebkit - security update

Bulletin has no description...

8.8CVSS8.3AI score0.02158EPSS
Exploits1
OSV
OSV
added 2022/03/04 6:45 a.m.17 views

OPENSUSE-SU-2022:0705-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.34.6 bsc1196133: - CVE-2022-22620: Processing maliciously crafted web content may have lead to arbitrary code execution. Update to version 2.34.5 bsc1195735: - CVE-2022-22589: A validation issue was addressed with improve...

9.3CVSS8.2AI score0.16342EPSS
Exploits4References18
Exploit DB
Exploit DB
added 2019/01/02 12:0 a.m.35 views

WebKit JSC - 'JSArray::shiftCountWithArrayStorage' Out-of-Bounds Read/Write

/ bool JSArray::shiftCountWithArrayStorageVM& vm, unsigned startIndex, unsigned count, ArrayStorage storage unsigned oldLength = storage-length; RELEASEASSERTcount hasHoles && this-structurevm-holesMustForwardToPrototypevm, this || hasSparseMap || shouldUseSlowPutindexingType return false; if...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2018/09/28 12:0 a.m.31 views

CVE-2018-4207

In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks...

8.8CVSS7.2AI score0.02045EPSS
Exploits0References4
OSV
OSV
added 2017/11/01 9:29 p.m.8 views

CVE-2017-1000121

The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process. This vulnerability does not affect Apple products...

9.8CVSS6.8AI score
Exploits0References2
Cvelist
Cvelist
added 2017/10/23 1:0 a.m.24 views

CVE-2017-7095

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to...

7.8AI score0.01603EPSS
Exploits1References8
seebug.org
seebug.org
added 2017/04/07 12:0 a.m.36 views

WebKit: Use-after-free in JSC::B3::Procedure::resetReachability(CVE-2017-2470)

Note: It seems it doesn't crash the JSC compiled without Address Sanitizer. PoC: function for var i = 0; i 1000000; ++i const v = Array & 1 ? v : 1; typeof o = 'object'; ; Asan Log: ==32191==ERROR: AddressSanitizer: heap-use-after-free on address 0x607000099738 at pc 0x000106c7af16 bp...

6.8CVSS8AI score0.06267EPSS
Exploits3
OSV
OSV
added 2017/04/02 1:59 a.m.7 views

CVE-2017-2454

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and...

8.8CVSS8.9AI score
Exploits0References8
CNVD
CNVD
added 2015/08/18 12:0 a.m.4 views

Apple iOS Safari WebKit Security Bypass Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability exists in WebKit in Apple Safari used in Apple iOS, which can be exploited by attackers to perform man-in-the-middle attacks and obtain sensitive information through sniffing the...

6.4CVSS6.2AI score0.0194EPSS
Exploits0References1
securityvulns
securityvulns
added 2013/09/09 12:0 a.m.66 views

WebKit / Appl Safari / Google Chrome security vulnerabilities

Race conditions, use-after-free...

10CVSS2.1AI score0.14415EPSS
Exploits3References2Affected Software2
Cvelist
Cvelist
added 2011/03/10 8:0 p.m.24 views

CVE-2011-1344

Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 CDMA; and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag,...

9.2AI score0.05916EPSS
Exploits0References18
UbuntuCve
UbuntuCve
added 2010/07/30 8:30 p.m.46 views

CVE-2010-1782

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via vectors related to the rendering...

9.3CVSS6.2AI score0.05961EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.45 views

Fedora 11 : qt-4.6.2-8.fc11 (2010-4524)

This update fixes several WebKit security issues: CVE-2010-0046: CSS format argument memory corruption CVE-2010-0049: Use of freed line boxes in mixed LTR/RTL text CVE-2010-0050: Crash at HTMLParser after handling misnested style tags CVE-2010-0051 CVE-2010-0651: Remote information disclosure...

9.3CVSS7.8AI score0.11637EPSS
Exploits5References10
CVE
CVE
added 2010/06/11 5:28 p.m.66 views

CVE-2010-1388

CVE-2010-1388 affects WebKit in Apple Safari prior to 5.0 on macOS X 10.5–10.6 and prior to 4.1 on OS X 10.4. The vulnerability arises from how the clipboard handles URLs during drag and paste, enabling user-assisted remote attackers to read arbitrary files via a crafted HTML document. Public ref...

4.3CVSS7.7AI score0.02741EPSS
Exploits0References10Affected Software2
NVD
NVD
added 2010/02/18 6:0 p.m.23 views

CVE-2010-0651

WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive...

4.3CVSS7.5AI score0.0175EPSS
Exploits0References17
Rows per page
Query Builder