Vulnerabilities > Webkit > High

DATE CVE VULNERABILITY TITLE RISK
2020-10-16 CVE-2020-9952 Cross-site Scripting vulnerability in multiple products
An input validation issue was addressed with improved input validation.
network
low complexity
apple webkit CWE-79
7.1
2020-10-16 CVE-2020-9951 Use After Free vulnerability in multiple products
A use after free issue was addressed with improved memory management.
network
low complexity
apple webkit debian CWE-416
8.8
2020-10-16 CVE-2020-9948 Type Confusion vulnerability in multiple products
A type confusion issue was addressed with improved memory handling.
network
low complexity
apple webkit debian CWE-843
8.8
2019-01-11 CVE-2018-4209 Improper Input Validation vulnerability in multiple products
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure.
network
low complexity
apple canonical webkit CWE-20
8.8
2018-06-19 CVE-2018-12294 Use After Free vulnerability in Webkit Webkitgtk+
WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object.
network
low complexity
webkit CWE-416
8.8
2017-03-07 CVE-2016-9643 Resource Exhaustion vulnerability in Webkit 2.4.11
The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($ (open parenthesis and dollar) followed by {-2,16} and a large number of +) (plus close parenthesis).
network
low complexity
webkit CWE-400
7.5