CVE-2016-9643
- EPSS 0.92%
- Published 07.03.2017 16:59:01
- Last modified 20.04.2025 01:37:25
The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($ (open parenthesis and dollar) followed by {-2,16} and a large number of +) (plus close parenthesis).
CVE-2016-9642
- EPSS 0.19%
- Published 03.02.2017 15:59:00
- Last modified 20.04.2025 01:37:25
JavaScriptCore in WebKit allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file.
CVE-2010-1766
- EPSS 2.35%
- Published 22.07.2010 05:42:55
- Last modified 11.04.2025 00:51:21
Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory ...
- EPSS 2.17%
- Published 12.11.2009 17:54:58
- Last modified 09.04.2025 00:30:58
WebKit before r50173, as used in Google Chrome before 3.0.195.32, allows remote attackers to cause a denial of service (CPU consumption) via a web page that calls the JavaScript setInterval method, which triggers an incompatibility between the WTF::c...
- EPSS 0.36%
- Published 05.02.2009 00:30:00
- Last modified 09.04.2025 00:30:58
xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via...