High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-07	CVE-2021-21775	Use After Free vulnerability in multiple products A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. network low complexity webkitgtk fedoraproject debian CWE-416	8.0
2021-04-02	CVE-2021-1789	Type Confusion vulnerability in multiple products A type confusion issue was addressed with improved state handling. network low complexity apple fedoraproject webkitgtk CWE-843	8.8
2020-12-08	CVE-2020-27918	Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. local low complexity apple fedoraproject debian webkitgtk CWE-416	7.8
2020-12-03	CVE-2020-13584	Use After Free vulnerability in multiple products An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. network low complexity webkitgtk fedoraproject CWE-416	8.8
2020-04-17	CVE-2020-11793	Use After Free vulnerability in multiple products A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). network low complexity wpewebkit webkitgtk canonical fedoraproject opensuse CWE-416	8.8
2019-02-24	CVE-2019-8375	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webkitgtk and Webkitgtk+ The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of service (Buffer Overflow) or possibly have unspecified other impact, related to UIProcess/API/gtk/WebKitScriptDialogGtk.cpp, UIProcess/API/gtk/WebKitScriptDialogImpl.cpp, and UIProcess/API/gtk/WebKitWebViewGtk.cpp, as demonstrated by GNOME Web (aka Epiphany). network low complexity webkitgtk opensuse canonical CWE-119	7.5
2019-01-14	CVE-2019-6251	WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. network low complexity gnome wpewebkit webkitgtk fedoraproject canonical opensuse	8.1
2019-01-11	CVE-2018-4213	Improper Input Validation vulnerability in multiple products In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. network low complexity apple canonical webkitgtk CWE-20	8.8
2019-01-11	CVE-2018-4212	In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. network low complexity apple canonical webkitgtk	8.8
2019-01-11	CVE-2018-4210	Improper Validation of Array Index vulnerability in multiple products In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. network low complexity apple canonical webkitgtk CWE-129	8.8