webkit2gtk

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Web content engine for GTK
Version 2.46.1-2 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2819 2.36.7-1 2.36.8-1 Unknown Fixed
AVG-2790 2.36.4-2 2.36.5-1 Critical Fixed
AVG-2779 2.36.3-1 2.36.4-1 Unknown Fixed
AVG-2758 2.36.2-1 2.36.3-1 High Fixed
AVG-2703 2.34.6-1 2.34.7-1 High Fixed
AVG-2649 2.34.5-1 2.34.6-1 High Fixed
AVG-2483 2.32.4-1 2.34.1-1 Medium Fixed
AVG-2399 2.32.3-1 2.32.4-1 High Fixed
AVG-2220 2.32.2-1 2.32.3-1 High Fixed
AVG-2218 2.32.1-1 2.32.2-1 Medium Fixed
AVG-2216 2.30.6-1 2.32.0-1 Medium Fixed
AVG-2214 2.30.5-1 2.30.6-1 Medium Fixed
AVG-2212 2.27.91-1 2.28.0-1 High Fixed
AVG-2210 2.24.4-1 2.26.0-1 High Fixed
AVG-2208 2.28.4-1 2.30.1-1 High Fixed
AVG-1744 2.30.6-1 2.32.0-1 High Fixed
AVG-1723 2.28.4-1 2.30.1-1 Medium Fixed
AVG-1721 2.30.5-1 2.30.6-1 High Fixed
AVG-1571 2.30.4-3 2.30.5-1 Medium Fixed
AVG-1293 2.28.4-1 2.30.1-1 Medium Fixed
AVG-1292 2.28.2-2 2.28.3-1 Medium Fixed
AVG-1291 2.30.2-1 2.30.3-1 Medium Fixed
AVG-1203 2.28.2-2 2.28.3-1 Critical Fixed
AVG-1144 2.28.1-1 2.28.2-1 Critical Fixed
AVG-1137 2.28.0-3 2.28.1-1 Critical Fixed
AVG-1114 2.27.91-1 2.28.0-1 Critical Fixed
AVG-1100 2.26.3-1 2.26.4-1 High Fixed
AVG-1098 2.26.2-2 2.26.3-1 Critical Fixed
AVG-1033 2.24.3-1 2.24.4-1 Critical Fixed
AVG-967 2.24.1-1 2.24.2-1 Critical Fixed
AVG-942 2.19.92-1 2.20.0-1 Critical Fixed
AVG-899 2.22.5-1 2.22.6-1 Critical Fixed
AVG-834 2.22.4-1 2.22.5-1 Critical Fixed
AVG-819 2.22.3-1 2.22.4-1 Critical Fixed
AVG-692 2.20.1-1 2.20.2-1 Critical Fixed
AVG-362 2.16.5-1 2.16.6-1 Critical Fixed
AVG-235 2.14.5-1 2.16.1-1 Critical Fixed
AVG-170 2.14.3-1 2.14.4-1 Critical Fixed
AVG-146 2.14.2-2 2.14.3-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2022-32893 AVG-2819 Unknown Unknown Unknown Unknown
CVE-2022-32891 AVG-2819 Unknown Unknown Unknown Unknown
CVE-2022-32886 AVG-2819 Unknown Unknown Unknown Unknown
CVE-2022-32816 AVG-2790 High Yes Content spoofing
Visiting a website that frames malicious content may lead to UI spoofing.
CVE-2022-32792 AVG-2790 Critical Yes Arbitrary code execution
Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-30294 AVG-2758 High Yes Arbitrary code execution
use-after-free while processing web content
CVE-2022-30293 AVG-2758 High Yes Arbitrary code execution
heap-buffer overflow while processing web content
CVE-2022-26719 AVG-2758 High Yes Arbitrary code execution
memory corruption  while processing web content
CVE-2022-26717 AVG-2758 High Yes Arbitrary code execution
use-after-free while processing web content
CVE-2022-26716 AVG-2758 High Yes Arbitrary code execution
memory corruption while processing web content
CVE-2022-26710 AVG-2779 Unknown Unknown Unknown Unknown
CVE-2022-26709 AVG-2758 High Yes Arbitrary code execution
use-after-free while processing web content
CVE-2022-26700 AVG-2758 High Yes Arbitrary code execution
memory corruption while processing web content
CVE-2022-22677 AVG-2779 Unknown Unknown Unknown Unknown
CVE-2022-22662 AVG-2779 Unknown Unknown Unknown Unknown
CVE-2022-22637 AVG-2703 High Yes Unknown
A logic issue was addressed with improved state management. A malicious website may cause unexpected cross-origin behavior.
CVE-2022-22629 AVG-2703 High Yes Arbitrary code execution
A buffer overflow issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-22628 AVG-2703 High Yes Arbitrary code execution
A use after free issue was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-22624 AVG-2703 High Yes Arbitrary code execution
A use after free issue was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-22620 AVG-2649 High Yes Arbitrary code execution
A use after free vulnerability was found in WebKitGTK allowing an attacker to perform remote code execution using maliciously crafted web content.
CVE-2021-42762 AVG-2483 Medium Yes Sandbox escape
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host processes...
CVE-2021-30858 AVG-2399 High Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.4. Processing maliciously crafted web content may lead to arbitrary code execution....
CVE-2021-30851 AVG-2483 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.34.0. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30849 AVG-2399 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.4. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30848 AVG-2399 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.4. Processing maliciously crafted web content may lead to code execution.
CVE-2021-30846 AVG-2483 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.34.0. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30799 AVG-2220 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30797 AVG-2220 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to code execution.
CVE-2021-30795 AVG-2220 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30762 AVG-2212 High Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.28.0. Processing maliciously crafted web content may lead to arbitrary code execution....
CVE-2021-30761 AVG-2210 High Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.26.0. Processing maliciously crafted web content may lead to arbitrary code execution....
CVE-2021-30758 AVG-2218 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.2. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30749 AVG-2220 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30744 AVG-2220 Medium Yes Cross-site scripting
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2021-30734 AVG-2220 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30720 AVG-2220 Medium Yes Access restriction bypass
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. A malicious website may be able to access restricted ports on arbitrary servers.
CVE-2021-30689 AVG-2220 Medium Yes Cross-site scripting
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2021-30682 AVG-2216 Medium Yes Information disclosure
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.0. A malicious application may be able to leak sensitive user information.
CVE-2021-30666 AVG-2210 High Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.26.0. Processing maliciously crafted web content may lead to arbitrary code execution....
CVE-2021-30665 AVG-2220 High Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution....
CVE-2021-30663 AVG-2220 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-30661 AVG-2208 High Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to arbitrary code execution....
CVE-2021-21806 AVG-2214 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.6. An exploitable use-after-free vulnerability exists in WebKit. A specially crafted...
CVE-2021-21779 AVG-2220 Medium Yes Information disclosure
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. A use-after-free vulnerability exists in the way that WebKit GraphicsContext...
CVE-2021-21775 AVG-2220 Medium Yes Information disclosure
A security issue has been found in WebKitGTK and WPE WebKit before 2.32.3. A use-after-free vulnerability exists in the way certain events are processed for...
CVE-2021-1871 AVG-1744 High Yes Arbitrary code execution
A security issue was discovered in WebKitGTK before 2.32.0 and WPE WebKit before 2.32.0. A remote attacker may be able to cause arbitrary code execution....
CVE-2021-1870 AVG-1721 High Yes Arbitrary code execution
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. A remote attacker may be able to cause arbitrary code execution....
CVE-2021-1844 AVG-1744 Medium Yes Arbitrary code execution
A security issue was discovered in WebKitGTK before 2.32.0 and WPE WebKit before 2.32.0. Processing maliciously crafted web content may lead to arbitrary...
CVE-2021-1826 AVG-2208 Medium Yes Cross-site scripting
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2021-1825 AVG-2208 Medium Yes Cross-site scripting
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to a cross site scripting attack.
CVE-2021-1820 AVG-2208 Medium Yes Information disclosure
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may result in the disclosure of process memory.
CVE-2021-1817 AVG-2208 Medium Yes Arbitrary code execution
A security issue has been found in WebKitGTK and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2021-1801 AVG-1721 Medium Yes Sandbox escape
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. Maliciously crafted web content may violate iframe sandboxing policy.
CVE-2021-1799 AVG-1721 Medium Yes Access restriction bypass
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. A malicious website may be able to access restricted ports on...
CVE-2021-1789 AVG-1721 Medium Yes Arbitrary code execution
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. Processing maliciously crafted web content may lead to arbitrary...
CVE-2021-1788 AVG-1744 Medium Yes Arbitrary code execution
A security issue was discovered in WebKitGTK before 2.32.0 and WPE WebKit before 2.32.0. Processing maliciously crafted web content may lead to arbitrary...
CVE-2021-1765 AVG-1721 Medium Yes Sandbox escape
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. Maliciously crafted web content may violate iframe sandboxing policy.
CVE-2020-29623 AVG-1721 Medium No Information disclosure
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. “Clear History and Website Data” did not clear the history in some...
CVE-2020-27918 AVG-1721 Medium Yes Arbitrary code execution
A security issue was discovered in WebKitGTK before 2.30.6 and WPE WebKit before 2.30.6. Processing maliciously crafted web content may lead to arbitrary...
CVE-2020-13753 AVG-1203 High No Sandbox escape
The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER...
CVE-2020-13584 AVG-1291 Medium Yes Arbitrary code execution
A use after free issue was found in webkit2gtk before 2.30.3. Processing maliciously crafted web content may have lead to arbitrary code execution.
CVE-2020-13558 AVG-1571 Medium Yes Arbitrary code execution
A use after free issue was found in WebKitGTK and WPE WebKit before version 2.30.5 in the AudioSourceProviderGStreamer class. Processing maliciously crafted...
CVE-2020-13543 AVG-1291 Medium Yes Arbitrary code execution
A use after free issue was found in webkit2gtk before 2.30.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-11793 AVG-1137 Critical Yes Arbitrary code execution
A use-after-free has been found in WebKitGTK before 2.2.8.1, where processing maliciously crafted web content may lead to arbitrary code execution or...
CVE-2020-10018 AVG-1114 Critical Yes Arbitrary code execution
A use-after-free has been found in WebKitGTK before 2.28.0, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2020-9983 AVG-1291 Medium Yes Arbitrary code execution
An out-of-bounds write issue was found in webkit2gtk before 2.30.3. Processing maliciously crafted web content may have lead to code execution.
CVE-2020-9952 AVG-1292 Medium Yes Cross-site scripting
An input validation issue was found in webkit2gtk before 2.28.3. Processing maliciously crafted web content might have lead to a cross site scripting attack.
CVE-2020-9951 AVG-1293 Medium Yes Arbitrary code execution
A use after free issue was found in webkit2gtk before 2.30.0. Processing maliciously crafted web content may have lead to arbitrary code execution.
CVE-2020-9948 AVG-1293 Medium Yes Arbitrary code execution
A type confusion issue was found in webkit2gtk before 2.30.0. Processing maliciously crafted web content may have lead to arbitrary code execution.
CVE-2020-9947 AVG-1723 Medium Yes Arbitrary code execution
A security issue was discovered in WebKitGTK before 2.30.0 and WPE WebKit before 2.30.0. Processing maliciously crafted web content may lead to arbitrary...
CVE-2020-9850 AVG-1203 Critical Yes Arbitrary code execution
A logic issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, allowing a remote attacker to execute arbitrary code.
CVE-2020-9843 AVG-1203 Medium Yes Cross-site scripting
An issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead to a cross site...
CVE-2020-9807 AVG-1203 Critical Yes Arbitrary code execution
A memory corruption issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead...
CVE-2020-9806 AVG-1203 Critical Yes Arbitrary code execution
A memory corruption issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead...
CVE-2020-9805 AVG-1203 High Yes Cross-site scripting
A logic issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead to...
CVE-2020-9803 AVG-1203 Critical Yes Arbitrary code execution
A memory corruption issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead...
CVE-2020-9802 AVG-1203 Critical Yes Arbitrary code execution
A memory corruption issue has been found in WebKitGTK before 2.28.3 and WPE WebKit before 2.2.8.3, where processing maliciously crafted web content may lead...
CVE-2020-3899 AVG-1144 Critical Yes Arbitrary code execution
A memory handling issue has been found in WebKitGTK before 2.28.2 and WPE WebKit before 2.28.2.
CVE-2020-3868 AVG-1100 High Yes Arbitrary code execution
Processing maliciously crafted web content may lead to arbitrary code execution. Credit to Marcin Towalski of Cisco Talos.
CVE-2020-3867 AVG-1100 High Yes Cross-site scripting
Processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2020-3865 AVG-1100 High Yes Sandbox escape
A top-level DOM object context may have incorrectly been considered secure.
CVE-2020-3864 AVG-1100 Medium Yes Same-origin policy bypass
A DOM object context may not have had a unique security origin.
CVE-2020-3862 AVG-1100 Medium Yes Denial of service
A malicious website may be able to cause a denial of service.
CVE-2019-8846 AVG-1098 Critical Yes Arbitrary code execution
Multiple memory corruption issues have been found in WebKitGTK before 2.26.3, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8844 AVG-1098 Critical Yes Arbitrary code execution
Multiple memory corruption issues have been found in WebKitGTK before 2.26.3, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8835 AVG-1098 Critical Yes Arbitrary code execution
Multiple memory corruption issues have been found in WebKitGTK before 2.26.3, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8688 AVG-1033 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8684 AVG-1033 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8683 AVG-1033 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8680 AVG-1033 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8678 AVG-1033 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8669 AVG-1033 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8658 AVG-1033 High Yes Cross-site scripting
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2019-8649 AVG-1033 High Yes Cross-site scripting
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to universal cross site scripting.
CVE-2019-8644 AVG-1033 Critical Yes Arbitrary code execution
An issue has been found in WebKitGTK before 2.24.4 where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8615 AVG-967 Critical Yes Arbitrary code execution
Multiple memory corruption issues have been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-8607 AVG-967 High Yes Information disclosure
An out-of-bounds read has been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may result in the disclosure of process memory.
CVE-2019-8595 AVG-967 Critical Yes Arbitrary code execution
Multiple memory corruption issues have been found in WebKitGTK before 2.24.2, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-6215 AVG-899 Critical Yes Arbitrary code execution
A type confusion issue has been found in WebKitGTK+ before 2.22.6, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2019-6212 AVG-899 Critical Yes Arbitrary code execution
Multiple memory corruption issues have been found in WebKitGTK+ before 2.22.6, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-4437 AVG-834 Critical Yes Arbitrary code execution
Multiple memory corruption issues have been found in WebKitGTK+ before 2.22.5, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-4372 AVG-819 Critical Yes Arbitrary code execution
Multiple memory corruption issues have been found in WebKitGTK+ versions prior to 2.22.4, possibly leading to arbitrary code execution while parsing crafted...
CVE-2018-4200 AVG-692 Critical Yes Arbitrary code execution
A memory corruption issue has been found in webkitgtk < 2.20.2, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2018-4113 AVG-942 Low Yes Denial of service
A security issue has been found in the handling of a function in JavaScriptCore of WebKitGTK+ < 2.20.0, where an unexpected interaction with indexing types...
CVE-2018-4101 AVG-942 Critical Yes Arbitrary code execution
A security issue has been found in WebKitGTK+ < 2.20.0, where processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2017-7064 AVG-362 Medium No Information disclosure
An information disclosure issue has been found in WebKitGTK+ <= 2.16.5, where an application may be able to read restricted memory.
CVE-2017-7061 AVG-362 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7056 AVG-362 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7055 AVG-362 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7048 AVG-362 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7046 AVG-362 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7039 AVG-362 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7037 AVG-362 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7034 AVG-362 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7030 AVG-362 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-7018 AVG-362 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ <= 2.16.5, leading to arbitrary code execution when processing maliciously crafted web contents.
CVE-2017-2481 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2476 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2475 AVG-235 Medium Yes Cross-site scripting
An issue has been found in WebKit, allowing remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site.
CVE-2017-2471 AVG-235 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been found in WebKit, allowing remote attackers to execute arbitrary code via a crafted web site.
CVE-2017-2470 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2469 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2468 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2466 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2465 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2464 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2460 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2459 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2457 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2455 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2454 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2447 AVG-235 High Yes Information disclosure
An issue has been found in WebKit, allowing remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted web site.
CVE-2017-2446 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code via a crafted web site that leverages the mishandling of strict mode...
CVE-2017-2445 AVG-235 High Yes Cross-site scripting
An issue has been found in WebKit, allowing remote attackers to conduct Universal XSS (UXSS) attacks via crafted frame objects.
CVE-2017-2442 AVG-235 High Yes Same-origin policy bypass
An issue has been found in WebKit, involving the “WebKit JavaScript Bindings” component. It allows remote attackers to bypass the Same Origin Policy and...
CVE-2017-2433 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2419 AVG-235 High Yes Access restriction bypass
An issue has been found in WebKit, allowing remote attackers to bypass a Content Security Policy protection mechanism via unspecified vectors.
CVE-2017-2415 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code by leveraging an unspecified “type confusion.”.
CVE-2017-2405 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in the “WebKit Web Inspector” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory...
CVE-2017-2396 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2395 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2394 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2392 AVG-235 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
CVE-2017-2386 AVG-235 High Yes Same-origin policy bypass
An issue has been found in WebKit, allowing remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVE-2017-2377 AVG-235 Medium Yes Denial of service
This issue involves the “WebKit Web Inspector” component. It allows attackers to cause a denial of service (memory corruption and application crash) by...
CVE-2017-2376 AVG-235 High Yes Content spoofing
An issue has been found in WebKit, allowing remote attackers to spoof the address bar by leveraging text input during the loading of a page.
CVE-2017-2373 AVG-170 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2371 AVG-170 Medium Yes Access restriction bypass
An issue has been found in the handling of blocking popups in WebKitGTK+ before 2.14.4, allowing a malicious website to open popups.
CVE-2017-2369 AVG-170 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2367 AVG-235 High Yes Same-origin policy bypass
An issue has been found in WebKit, allowing remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVE-2017-2366 AVG-170 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2365 AVG-170 Medium Yes Information disclosure
A validation issue has been found in variable handling in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while processing maliciously...
CVE-2017-2364 AVG-170 Medium Yes Information disclosure
Multiple validation issues have been found in the handling of page loading in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while...
CVE-2017-2363 AVG-170 Medium Yes Information disclosure
Multiple validation issues have been found in the handling of page loading in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while...
CVE-2017-2362 AVG-170 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2356 AVG-170 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2355 AVG-170 Critical Yes Arbitrary code execution
A memory initialization issue has been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2354 AVG-170 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2350 AVG-170 Medium Yes Information disclosure
A security issue has been found in WebKitGTK+ before 2.14.4, where processing maliciously crafted web content may exfiltrate data cross- origin.
CVE-2016-9643 AVG-235 Medium Yes Denial of service
The regex code in WebKitGTK+ before 2.14.6 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($...
CVE-2016-9642 AVG-235 Medium Yes Denial of service
JavaScriptCore in WebKitGTK+ before 2.16.0 allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file.
CVE-2016-7656 AVG-146 Critical Yes Arbitrary code execution
A memory corruption issue was found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content. This issue...
CVE-2016-7654 AVG-146 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7652 AVG-146 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7645 AVG-146 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7641 AVG-146 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7639 AVG-146 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7635 AVG-146 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7632 AVG-146 Critical Yes Arbitrary code execution
A memory corruption issue was found in WebKitGTK+ < 2.14.3, leading to denial of service or arbitrary code execution while processing maliciously crafted...
CVE-2016-7623 AVG-146 Medium Yes Information disclosure
An issue in the handling of blob URLs was found in WebKitGTK+ < 2.14.3, leading to potential compromise of user information while processing maliciously...
CVE-2016-7599 AVG-146 Medium Yes Information disclosure
An issue in the handling of HTTP redirects was found in WebKitGTK+ < 2.14.3, leading to potential disclosure of user information while processing...
CVE-2016-7592 AVG-146 Medium Yes Information disclosure
An issue in the handling of JavaScript prompts was found in WebKitGTK+ < 2.14.3, leading to potential compromise of user information while processing...
CVE-2016-7589 AVG-146 Critical Yes Arbitrary code execution
A memory corruption issue was found in WebKitGTK+ < 2.14.3, leading to potential arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7586 AVG-146 Medium Yes Information disclosure
A validation issue was found in WebKitGTK+ < 2.14.3, leading to the potential disclosure of user information while processing maliciously crafted web...

Advisories

Date Advisory Group Severity Type
29 Oct 2021 ASA-202110-9 AVG-2483 Medium multiple issues
27 Jul 2021 ASA-202107-67 AVG-2220 High multiple issues
25 Mar 2021 ASA-202103-24 AVG-1721 High multiple issues
26 Nov 2020 ASA-202011-28 AVG-1291 Medium arbitrary code execution
14 Jul 2020 ASA-202007-1 AVG-1203 Critical multiple issues
28 Apr 2020 ASA-202004-23 AVG-1144 Critical arbitrary code execution
19 Apr 2020 ASA-202004-17 AVG-1137 Critical arbitrary code execution
13 Mar 2020 ASA-202003-9 AVG-1114 Critical arbitrary code execution
12 Feb 2020 ASA-202002-7 AVG-1098 Critical arbitrary code execution
17 Feb 2020 ASA-202002-10 AVG-1100 High multiple issues
04 Sep 2019 ASA-201909-1 AVG-1033 Critical multiple issues
28 May 2019 ASA-201905-10 AVG-967 Critical multiple issues
15 Feb 2019 ASA-201902-17 AVG-899 Critical arbitrary code execution
14 Dec 2018 ASA-201812-10 AVG-834 Critical arbitrary code execution
22 Nov 2018 ASA-201811-20 AVG-819 Critical arbitrary code execution
13 May 2018 ASA-201805-9 AVG-692 Critical arbitrary code execution
26 Jul 2017 ASA-201707-25 AVG-362 Critical multiple issues
28 Apr 2017 ASA-201704-9 AVG-235 Critical multiple issues
11 Feb 2017 ASA-201702-9 AVG-170 Critical multiple issues
18 Jan 2017 ASA-201701-27 AVG-146 Critical multiple issues