Vulnerabilities > Webkitgtk

DATE CVE VULNERABILITY TITLE RISK
2018-04-03 CVE-2018-4120 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical webkitgtk CWE-119
8.8
2018-04-03 CVE-2018-4119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple webkitgtk canonical CWE-119
8.8
2018-04-03 CVE-2018-4118 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical webkitgtk CWE-119
8.8
2018-04-03 CVE-2018-4117 Information Exposure vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple webkitgtk canonical redhat debian CWE-200
6.5
2018-04-03 CVE-2018-4114 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical webkitgtk CWE-119
8.8
2018-04-03 CVE-2018-4113 Reachable Assertion vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple webkitgtk canonical CWE-617
6.5
2018-04-03 CVE-2018-4101 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in certain Apple products.
network
low complexity
apple canonical webkitgtk CWE-119
8.8
2017-11-01 CVE-2017-1000122 Improper Input Validation vulnerability in Webkitgtk Webkitgtk+
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary process to cause a denial of service (release assertion) of the UI process.
network
low complexity
webkitgtk CWE-20
5.3
2017-11-01 CVE-2017-1000121 Integer Overflow or Wraparound vulnerability in Webkitgtk Webkitgtk+
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary process to trigger an integer overflow and subsequent buffer overflow in the UI process.
network
low complexity
webkitgtk CWE-190
critical
9.8
2017-03-10 CVE-2015-2330 Improper Certificate Validation vulnerability in Webkitgtk
Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies.
network
low complexity
webkitgtk CWE-295
7.5