Log

CVE-2021-30666 created at 25 Jul 2021 12:14:28
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A security issue has been found in WebKitGTK and WPE WebKit before 2.26.0. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
References
+ https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-30666
Notes
CVE-2021-30665 created at 25 Jul 2021 12:14:28
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
References
+ https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-30665
Notes
CVE-2021-30663 created at 25 Jul 2021 12:14:27
Severity
+ Medium
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution.
References
+ https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-30663
Notes
CVE-2021-30661 created at 25 Jul 2021 12:14:27
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
References
+ https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-30661
Notes
CVE-2021-21806 created at 25 Jul 2021 12:14:27
Severity
+ Medium
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A security issue has been found in WebKitGTK and WPE WebKit before 2.30.6. An exploitable use-after-free vulnerability exists in WebKit. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability.
References
+ https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-21806
Notes
CVE-2021-21779 created at 25 Jul 2021 12:14:27
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. A use-after-free vulnerability exists in the way that WebKit GraphicsContext handles certain events. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this vulnerability.
References
+ https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-21779
Notes
CVE-2021-21775 created at 25 Jul 2021 12:14:27
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of WebKit. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tricked into visiting a malicious webpage.
References
+ https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-21775
Notes
CVE-2021-1826 created at 25 Jul 2021 12:14:27
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to universal cross site scripting.
References
+ https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-1826
Notes
CVE-2021-1825 created at 25 Jul 2021 12:14:27
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to a cross site scripting attack.
References
+ https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-1825
Notes
CVE-2021-1820 created at 25 Jul 2021 12:14:27
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may result in the disclosure of process memory.
References
+ https://webkitgtk.org/security/WSA-2021-0004.html#CVE-2021-1820
Notes