| CVE-2022-32893 |
AVG-2819 |
Unknown |
Unknown |
Unknown |
Unknown |
| CVE-2022-32891 |
AVG-2819 |
Unknown |
Unknown |
Unknown |
Unknown |
| CVE-2022-32886 |
AVG-2819 |
Unknown |
Unknown |
Unknown |
Unknown |
| CVE-2022-32816 |
AVG-2790 |
High |
Yes |
Content spoofing |
Visiting a website that frames malicious content may lead to UI spoofing. |
| CVE-2022-32792 |
AVG-2790 |
Critical |
Yes |
Arbitrary code execution |
Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2022-30294 |
AVG-2758 |
High |
Yes |
Arbitrary code execution |
use-after-free while processing web content |
| CVE-2022-30293 |
AVG-2758 |
High |
Yes |
Arbitrary code execution |
heap-buffer overflow while processing web content |
| CVE-2022-26719 |
AVG-2758 |
High |
Yes |
Arbitrary code execution |
memory corruption while processing web content |
| CVE-2022-26717 |
AVG-2758 |
High |
Yes |
Arbitrary code execution |
use-after-free while processing web content |
| CVE-2022-26716 |
AVG-2758 |
High |
Yes |
Arbitrary code execution |
memory corruption while processing web content |
| CVE-2022-26710 |
AVG-2779 |
Unknown |
Unknown |
Unknown |
Unknown |
| CVE-2022-26709 |
AVG-2758 |
High |
Yes |
Arbitrary code execution |
use-after-free while processing web content |
| CVE-2022-26700 |
AVG-2758 |
High |
Yes |
Arbitrary code execution |
memory corruption while processing web content |
| CVE-2022-22677 |
AVG-2779 |
Unknown |
Unknown |
Unknown |
Unknown |
| CVE-2022-22662 |
AVG-2779 |
Unknown |
Unknown |
Unknown |
Unknown |
| CVE-2022-22637 |
AVG-2703 |
High |
Yes |
Unknown |
A logic issue was addressed with improved state management. A malicious website may cause unexpected cross-origin behavior. |
| CVE-2022-22629 |
AVG-2703 |
High |
Yes |
Arbitrary code execution |
A buffer overflow issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2022-22628 |
AVG-2703 |
High |
Yes |
Arbitrary code execution |
A use after free issue was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2022-22624 |
AVG-2703 |
High |
Yes |
Arbitrary code execution |
A use after free issue was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2022-22620 |
AVG-2649 |
High |
Yes |
Arbitrary code execution |
A use after free vulnerability was found in WebKitGTK allowing an attacker to perform remote code execution using maliciously crafted web content. |
| CVE-2021-42762 |
AVG-2483 |
Medium |
Yes |
Sandbox escape |
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes... |
| CVE-2021-30858 |
AVG-2399 |
High |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.4. Processing maliciously crafted web content may lead to arbitrary code execution.... |
| CVE-2021-30851 |
AVG-2483 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.34.0. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2021-30849 |
AVG-2399 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.4. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2021-30848 |
AVG-2399 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.4. Processing maliciously crafted web content may lead to code execution. |
| CVE-2021-30846 |
AVG-2483 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.34.0. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2021-30799 |
AVG-2220 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2021-30797 |
AVG-2220 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to code execution. |
| CVE-2021-30795 |
AVG-2220 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2021-30762 |
AVG-2212 |
High |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.28.0. Processing maliciously crafted web content may lead to arbitrary code execution.... |
| CVE-2021-30761 |
AVG-2210 |
High |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.26.0. Processing maliciously crafted web content may lead to arbitrary code execution.... |
| CVE-2021-30758 |
AVG-2218 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.2. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2021-30749 |
AVG-2220 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2021-30744 |
AVG-2220 |
Medium |
Yes |
Cross-site scripting |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to universal cross site scripting. |
| CVE-2021-30734 |
AVG-2220 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2021-30720 |
AVG-2220 |
Medium |
Yes |
Access restriction bypass |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. A malicious website may be able to access restricted ports on arbitrary servers. |
| CVE-2021-30689 |
AVG-2220 |
Medium |
Yes |
Cross-site scripting |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to universal cross site scripting. |
| CVE-2021-30682 |
AVG-2216 |
Medium |
Yes |
Information disclosure |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.0. A malicious application may be able to leak sensitive user information. |
| CVE-2021-30666 |
AVG-2210 |
High |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.26.0. Processing maliciously crafted web content may lead to arbitrary code execution.... |
| CVE-2021-30665 |
AVG-2220 |
High |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution.... |
| CVE-2021-30663 |
AVG-2220 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2021-30661 |
AVG-2208 |
High |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to arbitrary code execution.... |
| CVE-2021-21806 |
AVG-2214 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.6. An exploitable use-after-free vulnerability exists in WebKit. A specially crafted... |
| CVE-2021-21779 |
AVG-2220 |
Medium |
Yes |
Information disclosure |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. A use-after-free vulnerability exists in the way that WebKit GraphicsContext... |
| CVE-2021-21775 |
AVG-2220 |
Medium |
Yes |
Information disclosure |
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. A use-after-free vulnerability exists in the way certain events are processed for... |
| CVE-2021-1871 |
AVG-1744 |
High |
Yes |
Arbitrary code execution |
A security issue was discovered in WebKitGTK before 2.32.0 and WPE WebKit before 2.32.0. A remote attacker may be able to cause arbitrary code execution.... |
| CVE-2021-1870 |
AVG-1721 |
High |
Yes |
Arbitrary code execution |
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. A remote attacker may be able to cause arbitrary code execution.... |
| CVE-2021-1844 |
AVG-1744 |
Medium |
Yes |
Arbitrary code execution |
A security issue was discovered in WebKitGTK before 2.32.0 and WPE WebKit before 2.32.0. Processing maliciously crafted web content may lead to arbitrary... |
| CVE-2021-1826 |
AVG-2208 |
Medium |
Yes |
Cross-site scripting |
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to universal cross site scripting. |
| CVE-2021-1825 |
AVG-2208 |
Medium |
Yes |
Cross-site scripting |
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to a cross site scripting attack. |
| CVE-2021-1820 |
AVG-2208 |
Medium |
Yes |
Information disclosure |
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may result in the disclosure of process memory. |
| CVE-2021-1817 |
AVG-2208 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2021-1801 |
AVG-1721 |
Medium |
Yes |
Sandbox escape |
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. Maliciously crafted web content may violate iframe sandboxing policy. |
| CVE-2021-1799 |
AVG-1721 |
Medium |
Yes |
Access restriction bypass |
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. A malicious website may be able to access restricted ports on... |
| CVE-2021-1789 |
AVG-1721 |
Medium |
Yes |
Arbitrary code execution |
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. Processing maliciously crafted web content may lead to arbitrary... |
| CVE-2021-1788 |
AVG-1744 |
Medium |
Yes |
Arbitrary code execution |
A security issue was discovered in WebKitGTK before 2.32.0 and WPE WebKit before 2.32.0. Processing maliciously crafted web content may lead to arbitrary... |
| CVE-2021-1765 |
AVG-1721 |
Medium |
Yes |
Sandbox escape |
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. Maliciously crafted web content may violate iframe sandboxing policy. |
| CVE-2020-29623 |
AVG-1721 |
Medium |
No |
Information disclosure |
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. “Clear History and Website Data” did not clear the history in some... |
| CVE-2020-27918 |
AVG-1721 |
Medium |
Yes |
Arbitrary code execution |
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. Processing maliciously crafted web content may lead to arbitrary... |
| CVE-2020-13753 |
AVG-1203 |
High |
No |
Sandbox escape |
The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER... |
| CVE-2020-13584 |
AVG-1291 |
Medium |
Yes |
Arbitrary code execution |
A use after free issue was found in webkit2gtk before 2.30.3. Processing maliciously crafted web content may have lead to arbitrary code execution. |
| CVE-2020-13558 |
AVG-1571 |
Medium |
Yes |
Arbitrary code execution |
A use after free issue was found in WebKitGTK and WPE WebKit before version 2.30.5 in the AudioSourceProviderGStreamer class. Processing maliciously crafted... |
| CVE-2020-13543 |
AVG-1291 |
Medium |
Yes |
Arbitrary code execution |
A use after free issue was found in webkit2gtk before 2.30.3. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2020-11793 |
AVG-1137 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free has been found in WebKitGTK before 2.2.8.1, where processing maliciously crafted web content may lead to arbitrary code execution or... |
| CVE-2020-10018 |
AVG-1114 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free has been found in WebKitGTK before 2.28.0, where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2020-9983 |
AVG-1291 |
Medium |
Yes |
Arbitrary code execution |
An out-of-bounds write issue was found in webkit2gtk before 2.30.3. Processing maliciously crafted web content may have lead to code execution. |
| CVE-2020-9952 |
AVG-1292 |
Medium |
Yes |
Cross-site scripting |
An input validation issue was found in webkit2gtk before 2.28.3. Processing maliciously crafted web content might have lead to a cross site scripting attack. |
| CVE-2020-9951 |
AVG-1293 |
Medium |
Yes |
Arbitrary code execution |
A use after free issue was found in webkit2gtk before 2.30.0. Processing maliciously crafted web content may have lead to arbitrary code execution. |
| CVE-2020-9948 |
AVG-1293 |
Medium |
Yes |
Arbitrary code execution |
A type confusion issue was found in webkit2gtk before 2.30.0. Processing maliciously crafted web content may have lead to arbitrary code execution. |
| CVE-2020-9947 |
AVG-1723 |
Medium |
Yes |
Arbitrary code execution |
A security issue was discovered in WebKitGTK before 2.30.0 and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to arbitrary... |
| CVE-2020-9850 |
AVG-1203 |
Critical |
Yes |
Arbitrary code execution |
A logic issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, allowing a remote attacker to execute arbitrary code. |
| CVE-2020-9843 |
AVG-1203 |
Medium |
Yes |
Cross-site scripting |
An issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead to a cross site... |
| CVE-2020-9807 |
AVG-1203 |
Critical |
Yes |
Arbitrary code execution |
A memory corruption issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead... |
| CVE-2020-9806 |
AVG-1203 |
Critical |
Yes |
Arbitrary code execution |
A memory corruption issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead... |
| CVE-2020-9805 |
AVG-1203 |
High |
Yes |
Cross-site scripting |
A logic issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead to... |
| CVE-2020-9803 |
AVG-1203 |
Critical |
Yes |
Arbitrary code execution |
A memory corruption issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead... |
| CVE-2020-9802 |
AVG-1203 |
Critical |
Yes |
Arbitrary code execution |
A memory corruption issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead... |
| CVE-2020-3899 |
AVG-1144 |
Critical |
Yes |
Arbitrary code execution |
A memory handling issue has been found in WebKitGTK before 2.28.2 and WPE WebKit before 2.28.2. |
| CVE-2020-3868 |
AVG-1100 |
High |
Yes |
Arbitrary code execution |
Processing maliciously crafted web content may lead to arbitrary code execution. Credit to Marcin Towalski of Cisco Talos. |
| CVE-2020-3867 |
AVG-1100 |
High |
Yes |
Cross-site scripting |
Processing maliciously crafted web content may lead to universal cross site scripting. |
| CVE-2020-3865 |
AVG-1100 |
High |
Yes |
Sandbox escape |
A top-level DOM object context may have incorrectly been considered secure. |
| CVE-2020-3864 |
AVG-1100 |
Medium |
Yes |
Same-origin policy bypass |
A DOM object context may not have had a unique security origin. |
| CVE-2020-3862 |
AVG-1100 |
Medium |
Yes |
Denial of service |
A malicious website may be able to cause a denial of service. |
| CVE-2019-8846 |
AVG-1098 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues have been found in WebKitGTK before 2.26.3, where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8844 |
AVG-1098 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues have been found in WebKitGTK before 2.26.3, where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8835 |
AVG-1098 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues have been found in WebKitGTK before 2.26.3, where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8688 |
AVG-1033 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8684 |
AVG-1033 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8683 |
AVG-1033 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8680 |
AVG-1033 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8678 |
AVG-1033 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8669 |
AVG-1033 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8658 |
AVG-1033 |
High |
Yes |
Cross-site scripting |
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to universal cross site scripting. |
| CVE-2019-8649 |
AVG-1033 |
High |
Yes |
Cross-site scripting |
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to universal cross site scripting. |
| CVE-2019-8644 |
AVG-1033 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8615 |
AVG-967 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues have been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-8607 |
AVG-967 |
High |
Yes |
Information disclosure |
An out-of-bounds read has been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may result in the disclosure of process memory. |
| CVE-2019-8595 |
AVG-967 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues have been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-6215 |
AVG-899 |
Critical |
Yes |
Arbitrary code execution |
A type confusion issue has been found in WebKitGTK+ before 2.22.6, where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2019-6212 |
AVG-899 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues have been found in WebKitGTK+ before 2.22.6, where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2018-4437 |
AVG-834 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues have been found in WebKitGTK+ before 2.22.5, where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2018-4372 |
AVG-819 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues have been found in WebKitGTK+ versions prior to 2.22.4, possibly leading to arbitrary code execution while parsing crafted... |
| CVE-2018-4200 |
AVG-692 |
Critical |
Yes |
Arbitrary code execution |
A memory corruption issue has been found in webkitgtk < 2.20.2, where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2018-4113 |
AVG-942 |
Low |
Yes |
Denial of service |
A security issue has been found in the handling of a function in JavaScriptCore of WebKitGTK+ < 2.20.0, where an unexpected interaction with indexing types... |
| CVE-2018-4101 |
AVG-942 |
Critical |
Yes |
Arbitrary code execution |
A security issue has been found in WebKitGTK+ < 2.20.0, where processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2017-7064 |
AVG-362 |
Medium |
No |
Information disclosure |
An information disclosure issue has been found in WebKitGTK+ <= 2.16.5, where an application may be able to read restricted memory. |
| CVE-2017-7061 |
AVG-362 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents. |
| CVE-2017-7056 |
AVG-362 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents. |
| CVE-2017-7055 |
AVG-362 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents. |
| CVE-2017-7048 |
AVG-362 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents. |
| CVE-2017-7046 |
AVG-362 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents. |
| CVE-2017-7039 |
AVG-362 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents. |
| CVE-2017-7037 |
AVG-362 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents. |
| CVE-2017-7034 |
AVG-362 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents. |
| CVE-2017-7030 |
AVG-362 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents. |
| CVE-2017-7018 |
AVG-362 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents. |
| CVE-2017-2481 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2476 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2475 |
AVG-235 |
Medium |
Yes |
Cross-site scripting |
An issue has been found in WebKit, allowing remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site. |
| CVE-2017-2471 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been found in WebKit, allowing remote attackers to execute arbitrary code via a crafted web site. |
| CVE-2017-2470 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2469 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2468 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2466 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2465 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2464 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2460 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2459 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2457 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2455 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2454 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2447 |
AVG-235 |
High |
Yes |
Information disclosure |
An issue has been found in WebKit, allowing remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted web site. |
| CVE-2017-2446 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code via a crafted web site that leverages the mishandling of strict mode... |
| CVE-2017-2445 |
AVG-235 |
High |
Yes |
Cross-site scripting |
An issue has been found in WebKit, allowing remote attackers to conduct Universal XSS (UXSS) attacks via crafted frame objects. |
| CVE-2017-2442 |
AVG-235 |
High |
Yes |
Same-origin policy bypass |
An issue has been found in WebKit, involving the “WebKit JavaScript Bindings” component. It allows remote attackers to bypass the Same Origin Policy and... |
| CVE-2017-2433 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2419 |
AVG-235 |
High |
Yes |
Access restriction bypass |
An issue has been found in WebKit, allowing remote attackers to bypass a Content Security Policy protection mechanism via unspecified vectors. |
| CVE-2017-2415 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code by leveraging an unspecified “type confusion.”. |
| CVE-2017-2405 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in the “WebKit Web Inspector” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory... |
| CVE-2017-2396 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2395 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2394 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2392 |
AVG-235 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app. |
| CVE-2017-2386 |
AVG-235 |
High |
Yes |
Same-origin policy bypass |
An issue has been found in WebKit, allowing remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. |
| CVE-2017-2377 |
AVG-235 |
Medium |
Yes |
Denial of service |
This issue involves the “WebKit Web Inspector” component. It allows attackers to cause a denial of service (memory corruption and application crash) by... |
| CVE-2017-2376 |
AVG-235 |
High |
Yes |
Content spoofing |
An issue has been found in WebKit, allowing remote attackers to spoof the address bar by leveraging text input during the loading of a page. |
| CVE-2017-2373 |
AVG-170 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2371 |
AVG-170 |
Medium |
Yes |
Access restriction bypass |
An issue has been found in the handling of blocking popups in WebKitGTK+ before 2.14.4, allowing a malicious website to open popups. |
| CVE-2017-2369 |
AVG-170 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2367 |
AVG-235 |
High |
Yes |
Same-origin policy bypass |
An issue has been found in WebKit, allowing remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. |
| CVE-2017-2366 |
AVG-170 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2365 |
AVG-170 |
Medium |
Yes |
Information disclosure |
A validation issue has been found in variable handling in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while processing maliciously... |
| CVE-2017-2364 |
AVG-170 |
Medium |
Yes |
Information disclosure |
Multiple validation issues have been found in the handling of page loading in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while... |
| CVE-2017-2363 |
AVG-170 |
Medium |
Yes |
Information disclosure |
Multiple validation issues have been found in the handling of page loading in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while... |
| CVE-2017-2362 |
AVG-170 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2356 |
AVG-170 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2355 |
AVG-170 |
Critical |
Yes |
Arbitrary code execution |
A memory initialization issue has been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2354 |
AVG-170 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2350 |
AVG-170 |
Medium |
Yes |
Information disclosure |
A security issue has been found in WebKitGTK+ before 2.14.4, where processing maliciously crafted web content may exfiltrate data cross- origin. |
| CVE-2016-9643 |
AVG-235 |
Medium |
Yes |
Denial of service |
The regex code in WebKitGTK+ before 2.14.6 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($... |
| CVE-2016-9642 |
AVG-235 |
Medium |
Yes |
Denial of service |
JavaScriptCore in WebKitGTK+ before 2.16.0 allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file. |
| CVE-2016-7656 |
AVG-146 |
Critical |
Yes |
Arbitrary code execution |
A memory corruption issue was found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content. This issue... |
| CVE-2016-7654 |
AVG-146 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content.... |
| CVE-2016-7652 |
AVG-146 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content.... |
| CVE-2016-7645 |
AVG-146 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content.... |
| CVE-2016-7641 |
AVG-146 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content.... |
| CVE-2016-7639 |
AVG-146 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content.... |
| CVE-2016-7635 |
AVG-146 |
Critical |
Yes |
Arbitrary code execution |
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content.... |
| CVE-2016-7632 |
AVG-146 |
Critical |
Yes |
Arbitrary code execution |
A memory corruption issue was found in WebKitGTK+ < 2.14.3, leading to denial of service or arbitrary code execution while processing maliciously crafted... |
| CVE-2016-7623 |
AVG-146 |
Medium |
Yes |
Information disclosure |
An issue in the handling of blob URLs was found in WebKitGTK+ < 2.14.3, leading to potential compromise of user information while processing maliciously... |
| CVE-2016-7599 |
AVG-146 |
Medium |
Yes |
Information disclosure |
An issue in the handling of HTTP redirects was found in WebKitGTK+ < 2.14.3, leading to potential disclosure of user information while processing... |
| CVE-2016-7592 |
AVG-146 |
Medium |
Yes |
Information disclosure |
An issue in the handling of JavaScript prompts was found in WebKitGTK+ < 2.14.3, leading to potential compromise of user information while processing... |
| CVE-2016-7589 |
AVG-146 |
Critical |
Yes |
Arbitrary code execution |
A memory corruption issue was found in WebKitGTK+ < 2.14.3, leading to potential arbitrary code execution while processing maliciously crafted web content.... |
| CVE-2016-7586 |
AVG-146 |
Medium |
Yes |
Information disclosure |
A validation issue was found in WebKitGTK+ < 2.14.3, leading to the potential disclosure of user information while processing maliciously crafted web... |