3777 matches found
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may disclose sensitive user information
A flaw was found in WebKitGTK. Processing malicious web content can disclose sensitive user information due to improper state management...
webkitgtk: A download’s origin may be incorrectly associated
A flaw was found in WebKitGTK. A malicious website can cause the origin of a download to be incorrectly associated with the wrong site due to improper checks, allowing an attacker to trick a user into downloading a malicious file...
RHEL 7 : webkitgtk4 (RHSA-2025:15729)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15729 advisory. WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3. Security...
RLSA-2025:13780 Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: angle: insufficient input validation can cause undefined behavior CVE-2025-6558 webkitgtk: A download?s origin may be incorrectly associated CVE-2025-43240 webkitgtk: Processing maliciously...
RockyLinux 8 : webkit2gtk3 (RLSA-2025:13780)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:13780 advisory. angle: insufficient input validation can cause undefined behavior CVE-2025-6558 webkitgtk: A download?s origin may be incorrectly associated...
Linux Distros Unpatched Vulnerability : CVE-2016-4761
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS CVE-2016-4761 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2010-3812
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and...
Linux Distros Unpatched Vulnerability : CVE-2023-2203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with networ...
Linux Distros Unpatched Vulnerability : CVE-2021-42762
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes into...
Linux Distros Unpatched Vulnerability : CVE-2018-11646
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in...
Linux Distros Unpatched Vulnerability : CVE-2020-13584
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free...
TencentOS Server 4: webkitgtk (TSSA-2025:0701)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0701 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2021-45483
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889. CVE-2021-45483 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2021-45481
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation an...
Linux Distros Unpatched Vulnerability : CVE-2022-30293
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WebKitGTK through 2.36.0 and WPE WebKit, there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in...
Linux Distros Unpatched Vulnerability : CVE-2023-25358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. CVE-2023-25358 Note that...
Linux Distros Unpatched Vulnerability : CVE-2020-11793
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2021-21806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free...
Linux Distros Unpatched Vulnerability : CVE-2023-25363
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely...