| CVE-2017-2538 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with... |
| CVE-2017-2481 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2476 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2475 |
AVG-234 |
Medium |
Yes |
Cross-site scripting |
An issue has been found in WebKit, allowing remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site. |
| CVE-2017-2471 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been found in WebKit, allowing remote attackers to execute arbitrary code via a crafted web site. |
| CVE-2017-2470 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2469 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2468 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2466 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2465 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2464 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2460 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2459 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2457 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2455 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2454 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2447 |
AVG-234 |
High |
Yes |
Information disclosure |
An issue has been found in WebKit, allowing remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted web site. |
| CVE-2017-2446 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code via a crafted web site that leverages the mishandling of strict mode... |
| CVE-2017-2445 |
AVG-234 |
High |
Yes |
Cross-site scripting |
An issue has been found in WebKit, allowing remote attackers to conduct Universal XSS (UXSS) attacks via crafted frame objects. |
| CVE-2017-2442 |
AVG-234 |
High |
Yes |
Same-origin policy bypass |
An issue has been found in WebKit, involving the “WebKit JavaScript Bindings” component. It allows remote attackers to bypass the Same Origin Policy and... |
| CVE-2017-2433 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2424 |
AVG-234 |
Critical |
Yes |
Information disclosure |
Processing maliciously crafted web content may result in the disclosure of process memory. Description: An information disclosure issue existed in the... |
| CVE-2017-2419 |
AVG-234 |
High |
Yes |
Access restriction bypass |
An issue has been found in WebKit, allowing remote attackers to bypass a Content Security Policy protection mechanism via unspecified vectors. |
| CVE-2017-2415 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code by leveraging an unspecified “type confusion.”. |
| CVE-2017-2405 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in the “WebKit Web Inspector” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory... |
| CVE-2017-2396 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2395 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2394 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application... |
| CVE-2017-2392 |
AVG-234 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in WebKit, allowing attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app. |
| CVE-2017-2386 |
AVG-234 |
High |
Yes |
Same-origin policy bypass |
An issue has been found in WebKit, allowing remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. |
| CVE-2017-2377 |
AVG-234 |
Medium |
Yes |
Denial of service |
This issue involves the “WebKit Web Inspector” component. It allows attackers to cause a denial of service (memory corruption and application crash) by... |
| CVE-2017-2376 |
AVG-234 |
High |
Yes |
Content spoofing |
An issue has been found in WebKit, allowing remote attackers to spoof the address bar by leveraging text input during the loading of a page. |
| CVE-2017-2373 |
AVG-171 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2371 |
AVG-171 |
Medium |
Yes |
Access restriction bypass |
An issue has been found in the handling of blocking popups in WebKitGTK+ before 2.14.4, allowing a malicious website to open popups. |
| CVE-2017-2369 |
AVG-171 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2367 |
AVG-234 |
High |
Yes |
Same-origin policy bypass |
An issue has been found in WebKit, allowing remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. |
| CVE-2017-2366 |
AVG-171 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2365 |
AVG-171 |
Medium |
Yes |
Information disclosure |
A validation issue has been found in variable handling in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while processing maliciously... |
| CVE-2017-2364 |
AVG-171 |
Medium |
Yes |
Information disclosure |
Multiple validation issues have been found in the handling of page loading in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while... |
| CVE-2017-2363 |
AVG-171 |
Medium |
Yes |
Information disclosure |
Multiple validation issues have been found in the handling of page loading in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while... |
| CVE-2017-2362 |
AVG-171 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2356 |
AVG-171 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2355 |
AVG-171 |
Critical |
Yes |
Arbitrary code execution |
A memory initialization issue has been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2354 |
AVG-171 |
Critical |
Yes |
Arbitrary code execution |
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content. |
| CVE-2017-2350 |
AVG-171 |
Medium |
Yes |
Information disclosure |
A security issue has been found in WebKitGTK+ before 2.14.4, where processing maliciously crafted web content may exfiltrate data cross- origin. |
| CVE-2016-9643 |
AVG-234 |
Medium |
Yes |
Denial of service |
The regex code in WebKitGTK+ before 2.14.6 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($... |
| CVE-2016-9642 |
AVG-234 |
Medium |
Yes |
Denial of service |
JavaScriptCore in WebKitGTK+ before 2.16.0 allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file. |