Webkitgtk

Webkitgtk

66 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-43343

  • EPSS 0.13%
  • Veröffentlicht 15.09.2025 22:35:30
  • Zuletzt bearbeitet 20.11.2025 17:40:47

The issue was addressed with improved memory handling. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.

9.8

CVE-2025-43342

  • EPSS 0.36%
  • Veröffentlicht 15.09.2025 22:35:12
  • Zuletzt bearbeitet 20.11.2025 17:40:21

A correctness issue was addressed with improved checks. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26, iOS 18.7 and iPadOS 18.7. Processing maliciously crafted web content may lead to an unexpected process c...

8.8

CVE-2025-6558

Warnung Medienbericht
  • EPSS 0.09%
  • Veröffentlicht 15.07.2025 18:15:24
  • Zuletzt bearbeitet 06.11.2025 14:52:01

Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

5.5

CVE-2024-27834

  • EPSS 0.01%
  • Veröffentlicht 14.05.2024 15:13:06
  • Zuletzt bearbeitet 04.11.2025 18:16:14

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

6.5

CVE-2024-23284

  • EPSS 0.52%
  • Veröffentlicht 08.03.2024 02:15:49
  • Zuletzt bearbeitet 04.11.2025 19:16:49

A logic issue was addressed with improved state management. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web conte...

6.5

CVE-2024-23280

  • EPSS 0.53%
  • Veröffentlicht 08.03.2024 02:15:49
  • Zuletzt bearbeitet 04.11.2025 19:16:46

An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user.

6.5

CVE-2024-23263

  • EPSS 0.36%
  • Veröffentlicht 08.03.2024 02:15:48
  • Zuletzt bearbeitet 04.11.2025 19:16:44

A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may...

6.5

CVE-2024-23254

  • EPSS 0.47%
  • Veröffentlicht 08.03.2024 02:15:48
  • Zuletzt bearbeitet 04.11.2025 19:16:42

The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, Safari 17.4. A malicious website may exfiltrate audio data cross-origin.

4.3

CVE-2023-42843

  • EPSS 0.09%
  • Veröffentlicht 21.02.2024 07:15:48
  • Zuletzt bearbeitet 09.12.2024 17:31:31

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spo...

8.8

CVE-2023-39928

  • EPSS 0.19%
  • Veröffentlicht 06.10.2023 16:15:13
  • Zuletzt bearbeitet 04.11.2025 20:16:36

A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a ...