8 matches found
CVE-2025-66286
An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject all network requests. However, certain types of HTTP request...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via improper handling of caches. An attacker can obtain unauthorized access to sensor information by tricking a user into visiting a malicious website. This is only exploitable if the system is configured with certain...
Out-of-Bounds
Overview Affected versions of this package are vulnerable to Out-of-Bounds due to improper memory handling. An attacker can cause a process crash or potentially execute arbitrary code by tricking a user into processing or loading malicious web content. Note: This is only exploitable if packages...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via the memory management process. An attacker can execute arbitrary code or cause a crash by tricking a user into processing or loading malicious web content. This is only exploitable if the system has specific packages...
webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution
A vulnerability was found in WebKitGTK. A use-after-free may lead to Remote Code Execution. Users are advised to avoid processing untrusted web content in WebKitGTK...
webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution
A vulnerability was found in WebKitGTK. A use-after-free may lead to Remote Code Execution. Users are advised to avoid processing untrusted web content in WebKitGTK...
CVE-2023-26081
In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts...
Privilege escalation using WebIDL-implemented APIs — Mozilla
Security researcher Mariusz Mlynski, via TippingPoint's Pwn2Own contest, reported that it is possible for untrusted web content to load a chrome-privileged page by getting JavaScript-implemented WebIDL to call window.open. A second bug allowed the bypassing of the popup-blocker without user...