Vulnerabilities > Webkitgtk

DATE CVE VULNERABILITY TITLE RISK
2018-04-03 CVE-2018-4101 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical webkitgtk CWE-119
8.8
2017-11-01 CVE-2017-1000122 Improper Input Validation vulnerability in Webkitgtk Webkitgtk+
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process.
network
low complexity
webkitgtk CWE-20
5.3
2017-11-01 CVE-2017-1000121 Integer Overflow or Wraparound vulnerability in Webkitgtk Webkitgtk+
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process.
network
low complexity
webkitgtk CWE-190
critical
9.8
2017-03-10 CVE-2015-2330 Improper Certificate Validation vulnerability in Webkitgtk
Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies.
network
low complexity
webkitgtk CWE-295
7.5
2017-02-20 CVE-2017-2373 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple webkitgtk CWE-119
8.8
2017-02-20 CVE-2017-2369 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple webkitgtk CWE-119
8.8
2017-02-20 CVE-2017-2365 Information Exposure vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple webkitgtk CWE-200
6.5
2017-02-20 CVE-2017-2363 Information Exposure vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple webkitgtk CWE-200
6.5
2017-02-20 CVE-2017-2360 Use After Free vulnerability in multiple products
An issue was discovered in certain Apple products.
local
low complexity
apple webkitgtk CWE-416
7.8
2017-02-20 CVE-2017-2356 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple webkitgtk CWE-119
8.8