5 matches found
CVE-2020-9951
CVE-2020-9951 is a WebKit use-after-free vulnerability in Safari (WebKit GTK also mirrors related WebKit issues). Exploitation requires a victim to visit a specially crafted web site, potentially enabling arbitrary code execution on affected Apple platforms. The issue is addressed in Safari/WebKi...
CVE-2020-9948
CVE-2020-9948 is a WebKit/WebKitGTK/WebKitGTK+ type confusion vulnerability that could allow arbitrary code execution when processing malicious web content. The initial Safari 14.0 security content notes this type confusion issue was fixed in Safari 14.0, and Debian/AlmaLinux advisories list WebK...
CVE-2020-9952
CVE-2020-9952 refers to an input validation issue that could enable a cross-site scripting (XSS) attack when processing maliciously crafted web content. The official guidance states this was addressed with improved input validation and is fixed in Apple software releases: iOS 14.0 and iPadOS 14.0...
CVE-2018-4209
CVE-2018-4209 affects multiple Apple platforms (iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, and iTunes before 12.7.4 for Windows). Description: an unexpected interaction can trigger an ASSERT failure in WebKit. Root cause: an input/int...
CVE-2018-12294
CVE-2018-12294 affects WebKitGTK+ (WebKitGTK+ prior to 2.20.2) where WebCore/TextureMapperLayer.cpp (TextureMapperLayer) is vulnerable to a use-after-free of WebCore::TextureMapperLayer. The connected sources consistently describe a WebKitGTK+ memory-use-after-free vulnerability; no vendor/produc...