3777 matches found

Veracode
added 2020/04/10 12:53 a.m., 26 views

Spoofable Address Bar

WebKitGTK+ is vulnerable to address bar spoofing. Due to the lack of a proper implementation of the history feature, it allows remote attackers to spoof the address bar via unspecified vectors...

CVSS: 5, AI score: 5.7, EPSS: 0.0181
Exploits: 1, References: 14, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 27 views

Use-after-free

WebKitGTK+ is vulnerable to use-after-free. The flaw allows an attacker to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins...

CVSS: 10, AI score: 6.7, EPSS: 0.03694
Exploits: 0, References: 24, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 32 views

Denial Of Service (DoS)

WebKitGTK+ is vulnerable to denial of service (DoS). Due to use-after-free flaws found in WebKit, malicious web content causes an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

CVSS: 6.8, AI score: 4.6, EPSS: 0.04406
Exploits: 0, References: 22, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 23 views

Use-after-free

WebKitGTK+ is vulnerable to use-after-free. The attack is possible because it does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSeparatorCommand.cpp in...

CVSS: 10, AI score: 6.8, EPSS: 0.0179
Exploits: 0, References: 16, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 24 views

Use-after-free

WebKitGTK+ is vulnerable to use-after-free. It is due to flaws triggered via a (1) font-face or (2) use element in an SVG document, allowing an attacker to use malicious web content to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

CVSS: 9.3, AI score: 5.7, EPSS: 0.06728
Exploits: 0, References: 23, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 35 views

Denial Of Service (DoS)

WebKitGTK+ is vulnerable to denial of service (DoS). Due to use-after-free flaws caused by vectors involving selections, malicious web content leads an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

CVSS: 9.3, AI score: 6.1, EPSS: 0.61319
Exploits: 13, References: 24, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 22 views

Denial Of Service (DoS)

WebKitGTK+ is vulnerable to denial of service (DoS). Via vectors involving form menus, malicious web content causes an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

CVSS: 6.8, AI score: 6.3, EPSS: 0.04216
Exploits: 0, References: 22, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 23 views

Denial Of Service (DoS)

WebKitGTK+ is vulnerable to denial of service (DoS). Due to use-after-free flaws caused by vectors involving selections, malicious web content leads an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

CVSS: 6.8, AI score: 6.1, EPSS: 0.04406
Exploits: 0, References: 22, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 15 views

Denial Of Service (DoS)

WebKitGTK+ is vulnerable to denial of service (DoS). Due to memory corruption flaws found in WebKit, malicious web content could cause an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

CVSS: 9.3, AI score: 5, EPSS: 0.05961
Exploits: 0, References: 23, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 29 views

Arbitrary Code Execution

WebKitGTK+ is vulnerable to arbitrary code execution. Multiple use-after-free flaws were found in WebKit. Malicious web content could cause an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

CVSS: 9.3, AI score: 4.8, EPSS: 0.06084
Exploits: 1, References: 23, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 19 views

Denial Of Service (DoS)

WebKitGTK+ is vulnerable to use-after-free flaws. It does not properly handle just-in-time (JIT) compiled JavaScript stubs, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to a "reentrancy issue."...

CVSS: 9.3, AI score: 5.9, EPSS: 0.06084
Exploits: 0, References: 18, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 22 views

Denial Of Service (DoS)

WebKitGTK+ is vulnerable to denial of service (DoS). It is due to flaws that allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression...

CVSS: 9.3, AI score: 7.3, EPSS: 0.06012
Exploits: 0, References: 20, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 21 views

Arbitrary Code Execution

webkitgtk is vulnerable to arbitrary code execution. Multiple memory corruption flaws were found in WebKit. Malicious web content could cause an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

CVSS: 9.3, AI score: 4.6, EPSS: 0.06084
Exploits: 1, References: 23, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 24 views

Arbitrary Code Execution

webkitgtk is vulnerable to arbitrary code execution. Multiple memory corruption flaws were found in WebKit. Malicious web content could cause an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

CVSS: 9.3, AI score: 4.6, EPSS: 0.05961
Exploits: 0, References: 23, Affected Software: 1
Veracode
added 2020/04/10 12:53 a.m., 40 views

Arbitrary Code Execution

webkitgtk is vulnerable to arbitrary code execution. Multiple memory corruption flaws were found in WebKit. Malicious web content could cause an application using WebKitGTK+ to crash or, potentially, execute arbitrary code with the privileges of the user running the application...

CVSS: 9.3, AI score: 4.6, EPSS: 0.06084
Exploits: 0, References: 22, Affected Software: 1
RedhatCVE
added 2020/04/02 8:41 a.m., 34 views

CVE-2018-18064

cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function)...

CVSS: 6.5, AI score: 3.5, EPSS: 0.0148
Exploits: 1, References: 2
Tenable Nessus
added 2020/03/31 12:0 a.m., 42 views

Ubuntu 18.04 LTS : WebKitGTK+ vulnerability (USN-4310-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4310-1 advisory. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote...

CVSS: 9.8, AI score: 6.6, EPSS: 0.05028
Exploits: 0, References: 2
OSV
added 2020/03/30 12:22 p.m., 0 views

USN-4310-1 webkit2gtk vulnerability

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

CVSS: 9.8, AI score: 7, EPSS: 0.05028
Exploits: 0, References: 2
Ubuntu
added 2020/03/30 12:22 p.m., 79 views

USN-4310-1: WebKitGTK+ vulnerability

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

CVSS: 9.8, AI score: 6.9, EPSS: 0.05028
Exploits: 0
RedhatCVE
added 2020/03/30 8:18 a.m., 42 views

CVE-2019-11070

WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded...

CVSS: 6.5, AI score: 1.6, EPSS: 0.03232
Exploits: 0, References: 3