Webkitgtk

Webkitgtk

63 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2013-7324

  • EPSS 0.42%
  • Veröffentlicht 17.02.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 02:00:44

Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existin...

6.1

CVE-2019-8674

  • EPSS 0.73%
  • Veröffentlicht 18.12.2019 18:15:32
  • Zuletzt bearbeitet 21.11.2024 04:50:16

A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting.

5.3

CVE-2019-11070

  • EPSS 2.02%
  • Veröffentlicht 10.04.2019 21:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:28

WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing t...

9.8

CVE-2019-8375

Exploit
  • EPSS 21.51%
  • Veröffentlicht 24.02.2019 13:29:00
  • Zuletzt bearbeitet 21.11.2024 04:49:46

The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not prevent the script dialog size from exceeding the web view size, which allows remote attackers to cause a denial of ser...

8.1

CVE-2019-6251

Exploit
  • EPSS 2.54%
  • Veröffentlicht 14.01.2019 08:29:00
  • Zuletzt bearbeitet 21.11.2024 04:46:18

WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 ...

7.5

CVE-2015-2330

  • EPSS 0.32%
  • Veröffentlicht 10.03.2017 02:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies.

7.5

CVE-2010-4577

Exploit
  • EPSS 4.27%
  • Veröffentlicht 22.12.2010 01:00:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS...

8.8

CVE-2010-4206

Exploit
  • EPSS 2.95%
  • Veröffentlicht 06.11.2010 00:00:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service ...

9.8

CVE-2010-4204

Exploit
  • EPSS 4.35%
  • Veröffentlicht 06.11.2010 00:00:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified othe...

8.8

CVE-2010-4198

  • EPSS 1.28%
  • Veröffentlicht 06.11.2010 00:00:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified oth...