VYPR

Webkit

by Apple Inc.

Source repositories

CVEs (498)

  • CVE-2021-30954Aug 24, 2021
    risk 0.00cvss epss 0.01

    A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

  • CVE-2021-21779Jul 8, 2021
    risk 0.00cvss epss 0.03

    A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web…

  • CVE-2021-21806Jul 8, 2021
    risk 0.00cvss epss 0.03

    An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability.

  • CVE-2021-21775Jul 7, 2021
    risk 0.00cvss epss 0.01

    A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim…

  • CVE-2020-13558Mar 3, 2021
    risk 0.00cvss epss 0.02

    A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.

  • CVE-2020-13584Dec 3, 2020
    risk 0.00cvss epss 0.04

    An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability.

  • CVE-2020-13543Dec 3, 2020
    risk 0.00cvss epss 0.03

    A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this…

  • CVE-2019-8752Oct 27, 2020
    risk 0.00cvss epss 0.01

    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web…

  • CVE-2019-8678Dec 18, 2019
    risk 0.00cvss epss 0.02

    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web…

  • CVE-2019-11070Apr 10, 2019
    risk 0.00cvss epss 0.03

    WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are…

  • CVE-2018-4445Apr 3, 2019
    risk 0.00cvss epss 0.01

    "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2.

  • CVE-2018-4430Apr 3, 2019
    risk 0.00cvss epss 0.00

    A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1.

  • CVE-2018-4414Apr 3, 2019
    risk 0.00cvss epss 0.01

    A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.

  • CVE-2018-4429Apr 3, 2019
    risk 0.00cvss epss 0.01

    A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, watchOS 5.1.2.

  • CVE-2018-4400Apr 3, 2019
    risk 0.00cvss epss 0.01

    A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1.

  • CVE-2018-4358Apr 3, 2019
    risk 0.00cvss epss 0.02

    Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

  • CVE-2018-4360Apr 3, 2019
    risk 0.00cvss epss 0.02

    Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

  • CVE-2018-4355Apr 3, 2019
    risk 0.00cvss epss 0.01

    A configuration issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.

  • CVE-2018-4362Apr 3, 2019
    risk 0.00cvss epss 0.01

    An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2, iOS 12.

  • CVE-2018-4356Apr 3, 2019
    risk 0.00cvss epss 0.01

    A permissions issue existed. This issue was addressed with improved permission validation. This issue affected versions prior to iOS 12.

Page 10 of 25