webkitgtk

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Unknown
Version Removed

Open

Group Affected Fixed Severity Status Ticket
AVG-234 2.4.11-6 Critical Unknown
AVG-171 2.4.11-6 Critical Unknown
Issue Group Severity Remote Type Description
CVE-2017-2538 AVG-234 Critical Yes Arbitrary code execution
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with...
CVE-2017-2481 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2476 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2475 AVG-234 Medium Yes Cross-site scripting
An issue has been found in WebKit, allowing remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site.
CVE-2017-2471 AVG-234 Critical Yes Arbitrary code execution
A use-after-free vulnerability has been found in WebKit, allowing remote attackers to execute arbitrary code via a crafted web site.
CVE-2017-2470 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2469 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2468 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2466 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2465 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2464 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2460 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2459 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2457 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2455 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2454 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2447 AVG-234 High Yes Information disclosure
An issue has been found in WebKit, allowing remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted web site.
CVE-2017-2446 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code via a crafted web site that leverages the mishandling of strict mode...
CVE-2017-2445 AVG-234 High Yes Cross-site scripting
An issue has been found in WebKit, allowing remote attackers to conduct Universal XSS (UXSS) attacks via crafted frame objects.
CVE-2017-2442 AVG-234 High Yes Same-origin policy bypass
An issue has been found in WebKit, involving the “WebKit JavaScript Bindings” component. It allows remote attackers to bypass the Same Origin Policy and...
CVE-2017-2433 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2424 AVG-234 Critical Yes Information disclosure
Processing maliciously crafted web content may result in the disclosure of process memory. Description: An information disclosure issue existed in the...
CVE-2017-2419 AVG-234 High Yes Access restriction bypass
An issue has been found in WebKit, allowing remote attackers to bypass a Content Security Policy protection mechanism via unspecified vectors.
CVE-2017-2415 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code by leveraging an unspecified “type confusion.”.
CVE-2017-2405 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in the “WebKit Web Inspector” component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory...
CVE-2017-2396 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2395 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2394 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application...
CVE-2017-2392 AVG-234 Critical Yes Arbitrary code execution
An issue has been found in WebKit, allowing attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
CVE-2017-2386 AVG-234 High Yes Same-origin policy bypass
An issue has been found in WebKit, allowing remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVE-2017-2377 AVG-234 Medium Yes Denial of service
This issue involves the “WebKit Web Inspector” component. It allows attackers to cause a denial of service (memory corruption and application crash) by...
CVE-2017-2376 AVG-234 High Yes Content spoofing
An issue has been found in WebKit, allowing remote attackers to spoof the address bar by leveraging text input during the loading of a page.
CVE-2017-2373 AVG-171 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2371 AVG-171 Medium Yes Access restriction bypass
An issue has been found in the handling of blocking popups in WebKitGTK+ before 2.14.4, allowing a malicious website to open popups.
CVE-2017-2369 AVG-171 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2367 AVG-234 High Yes Same-origin policy bypass
An issue has been found in WebKit, allowing remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
CVE-2017-2366 AVG-171 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2365 AVG-171 Medium Yes Information disclosure
A validation issue has been found in variable handling in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while processing maliciously...
CVE-2017-2364 AVG-171 Medium Yes Information disclosure
Multiple validation issues have been found in the handling of page loading in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while...
CVE-2017-2363 AVG-171 Medium Yes Information disclosure
Multiple validation issues have been found in the handling of page loading in WebKitGTK+ before 2.14.4, leading to cross-origin data exfiltration while...
CVE-2017-2362 AVG-171 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2356 AVG-171 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2355 AVG-171 Critical Yes Arbitrary code execution
A memory initialization issue has been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2354 AVG-171 Critical Yes Arbitrary code execution
Several memory corruption issues have been found in WebKitGTK+ before 2.14.4, leading to arbitrary code execution while processing maliciously crafted web content.
CVE-2017-2350 AVG-171 Medium Yes Information disclosure
A security issue has been found in WebKitGTK+ before 2.14.4, where processing maliciously crafted web content may exfiltrate data cross- origin.
CVE-2016-9643 AVG-234 Medium Yes Denial of service
The regex code in WebKitGTK+ before 2.14.6 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($...
CVE-2016-9642 AVG-234 Medium Yes Denial of service
JavaScriptCore in WebKitGTK+ before 2.16.0 allows attackers to cause a denial of service (out-of-bounds heap read) via a crafted Javascript file.