Lucene search
K

8 matches found

UbuntuCve
UbuntuCve
added 2026/04/23 1:16 p.m.5 views

CVE-2025-66286

An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject all network requests. However, certain types of HTTP request...

4.7CVSS5.8AI score0.00233EPSS
Exploits0References1
Snyk
Snyk
added 2025/09/23 12:0 a.m.6 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free via improper handling of caches. An attacker can obtain unauthorized access to sensor information by tricking a user into visiting a malicious website. This is only exploitable if the system is configured with certain...

6.9CVSS6.7AI score0.00604EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/23 12:0 a.m.3 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds due to improper memory handling. An attacker can cause a process crash or potentially execute arbitrary code by tricking a user into processing or loading malicious web content. Note: This is only exploitable if packages...

8.8CVSS7.5AI score0.00952EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/23 12:0 a.m.3 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free via the memory management process. An attacker can execute arbitrary code or cause a crash by tricking a user into processing or loading malicious web content. This is only exploitable if the system has specific packages...

8.8CVSS7.5AI score0.00717EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/10/28 12:58 a.m.2 views

webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution

A vulnerability was found in WebKitGTK. A use-after-free may lead to Remote Code Execution. Users are advised to avoid processing untrusted web content in WebKitGTK...

6.5CVSS5.8AI score0.01014EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/10/16 1:9 p.m.4 views

webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution

A vulnerability was found in WebKitGTK. A use-after-free may lead to Remote Code Execution. Users are advised to avoid processing untrusted web content in WebKitGTK...

6.5CVSS5.8AI score0.01014EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2023/02/20 12:0 a.m.21 views

CVE-2023-26081

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts...

7.5CVSS7.1AI score0.01228EPSS
Exploits1References3
Mozilla
Mozilla
added 2014/03/18 12:0 a.m.73 views

Privilege escalation using WebIDL-implemented APIs — Mozilla

Security researcher Mariusz Mlynski, via TippingPoint's Pwn2Own contest, reported that it is possible for untrusted web content to load a chrome-privileged page by getting JavaScript-implemented WebIDL to call window.open. A second bug allowed the bypassing of the popup-blocker without user...

9.8CVSS9.4AI score0.83633EPSS
Exploits6References4Affected Software4
Rows per page
Query Builder