threat
engine
.sh
Back
·
··:··
Home
/
Product
/
webkitgtk
Product
webkitgtk
136 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-43343
< 2.50.1
The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvO
9.8
CRITICAL
CVE-2025-43342
< 2.48.7
A correctness issue was addressed with improved checks. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPa
9.8
CRITICAL
CVE-2025-6558
< 2.48.0
Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to
8.8
HIGH
CVE-2024-27834
< 2.44.2
The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadO
5.5
MEDIUM
CVE-2024-23284
< 2.44.0
A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS
6.5
MEDIUM
CVE-2024-23280
< 2.44.0
An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Son
6.5
MEDIUM
CVE-2024-23263
< 2.44.0
A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 a
6.5
MEDIUM
CVE-2024-23254
< 2.44.0
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4
6.5
MEDIUM
CVE-2023-42843
< 2.44.0
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16
4.3
MEDIUM
CVE-2023-42917
< 2.42.3
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS
8.8
HIGH
CVE-2023-42916
< 2.42.3
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Son
6.5
MEDIUM
CVE-2023-39928
all versions
A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse
8.8
HIGH
CVE-2023-41993
< 2.42.2
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary
8.8
HIGH
CVE-2023-40397
< 2.40.5
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause ar
9.8
CRITICAL
CVE-2023-32370
< 2.40.1
A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block
5.3
MEDIUM
CVE-2023-28198
< 2.40.1
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventu
8.8
HIGH
CVE-2023-37450
< 2.42.3
The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ven
8.8
HIGH
CVE-2023-32439
< 2.42.3
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPa
8.8
HIGH
CVE-2023-32373
< 2.42.3
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura
8.8
HIGH
CVE-2023-28204
< 2.42.3
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 1
6.5
MEDIUM
CVE-2023-2203
all versions
A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This fla
8.8
HIGH
CVE-2019-8720
< 2.26.0
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitr
8.8
HIGH
CVE-2023-25363
< 2.36.8
A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers
8.8
HIGH
CVE-2023-25362
< 2.36.8
A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to e
8.8
HIGH
CVE-2023-25361
< 2.36.8
A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code
8.8
HIGH
CVE-2023-25360
< 2.36.8
A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remot
8.8
HIGH
CVE-2023-25358
< 2.36.8
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remot
8.8
HIGH
CVE-2022-42826
< 2.40.1
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS
8.8
HIGH
CVE-2022-32893
< 2.36.7
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, mac
8.8
HIGH
CVE-2022-2294
< 2.36.5
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corr
8.8
HIGH
CVE-2022-30293
<= 2.36.0
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLay
7.5
HIGH
CVE-2022-22590
< 2.36.7
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4
8.8
HIGH
CVE-2021-45483
< 2.32.4
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::Frame::page, a different vulnerability than CVE-2021-30889.
6.5
MEDIUM
CVE-2021-45482
< 2.32.4
In WebKitGTK before 2.32.4, there is a use-after-free in WebCore::ContainerNode::firstChild, a different vulnerability than CVE-20
6.5
MEDIUM
CVE-2021-45481
< 2.32.4
In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading
6.5
MEDIUM
CVE-2021-42762
< 2.34.1
BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process t
5.3
MEDIUM
CVE-2021-30952
< 2.34.4
An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15
7.8
HIGH
CVE-2021-21806
all versions
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can
8.8
HIGH
CVE-2021-21779
all versions
A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A speciall
8.8
HIGH
CVE-2021-21775
all versions
A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4.
8.0
HIGH
CVE-2021-1870
< 2.30.6
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catali
9.8
CRITICAL
CVE-2021-1801
< 2.30.6
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021
6.5
MEDIUM
CVE-2021-1799
< 2.30.6
A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update
6.5
MEDIUM
CVE-2021-1789
< 2.30.6
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021
8.8
HIGH
CVE-2021-1765
< 2.30.6
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021
6.5
MEDIUM
CVE-2020-29623
< 2.30.6
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fix
3.3
LOW
CVE-2020-13558
all versions
A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially cr
8.8
HIGH
CVE-2020-27918
< 2.30.6
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iO
7.8
HIGH
CVE-2020-13584
all versions
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can
8.8
HIGH
CVE-2020-13543
all versions
A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can
8.8
HIGH
CVE-2020-9952
<= 2.30.3
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0
7.1
HIGH
CVE-2020-9951
<= 2.30.3
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously c
8.8
HIGH
CVE-2020-9948
<= 2.30.3
A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously cra
8.8
HIGH
CVE-2020-13753
< 2.28.3
The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOC
10.0
CRITICAL
CVE-2020-11793
< 2.28.1
A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote a
8.8
HIGH
CVE-2020-10018
< 2.28.0
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption i
9.8
CRITICAL
CVE-2020-3867
< 2.26.4
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safa
6.1
MEDIUM
CVE-2013-7324
> 2.0.0 and <= 2.26.4
Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly hig
5.3
MEDIUM
CVE-2016-4761
< 2.14.0
WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS
8.8
HIGH
CVE-2019-8813
< 2.26.4
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.
6.1
MEDIUM
CVE-2019-8764
< 2.26.4
A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web
6.1
MEDIUM
CVE-2019-8719
< 2.26.4
A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for
6.1
MEDIUM
CVE-2019-8674
< 2.26.4
A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously craft
6.1
MEDIUM
CVE-2019-8625
< 2.26.4
A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for
6.1
MEDIUM
CVE-2019-11070
< 2.24.1
WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestre
5.3
MEDIUM
CVE-2019-6234
< 2.22.6
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0
8.8
HIGH
CVE-2019-8375
<= 2.23.90
The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.90 and WebKitGTK+ through 2.22.6 and other products, does not
9.8
CRITICAL
CVE-2019-6251
< 2.24.1
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An a
8.1
HIGH
CVE-2018-4213
< 2.22.0
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4
8.8
HIGH
CVE-2018-4212
<= 2.22.0
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4
8.8
HIGH
CVE-2018-4210
< 2.22.0
In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing
8.8
HIGH
CVE-2018-4209
< 2.22.0
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4
8.8
HIGH
CVE-2018-4208
< 2.22.0
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4
8.8
HIGH
CVE-2018-4207
< 2.22.0
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4
8.8
HIGH
CVE-2018-12911
all versions
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/x
9.8
CRITICAL
CVE-2018-12294
< 2.20.2
WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to
8.8
HIGH
CVE-2018-12293
< 2.20.3
The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used
8.8
HIGH
CVE-2018-11713
< 2.20.0
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior
6.5
MEDIUM
CVE-2018-11712
all versions
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versi
7.5
HIGH
CVE-2018-11646
<= 2.21.3
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.c
7.5
HIGH
CVE-2018-4165
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4163
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4162
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4146
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
6.5
MEDIUM
CVE-2018-4133
< 2.20.4
An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Sa
6.1
MEDIUM
CVE-2018-4129
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4128
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4127
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4125
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4122
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4120
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4119
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4118
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4117
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
6.5
MEDIUM
CVE-2018-4114
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2018-4113
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
6.5
MEDIUM
CVE-2018-4101
< 2.20.4
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4
8.8
HIGH
CVE-2017-1000122
< 2.16.3
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing
5.3
MEDIUM
CVE-2017-1000121
< 2.16.3
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a c
9.8
CRITICAL
CVE-2015-2330
<= 2.6.5
Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, f
7.5
HIGH
CVE-2017-2373
< 2.16.3
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10
8.8
HIGH
CVE-2017-2369
< 2.16.3
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10
8.8
HIGH
CVE-2017-2365
< 2.16.3
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10
6.5
MEDIUM
CVE-2017-2363
< 2.16.3
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10
6.5
MEDIUM
CVE-2017-2360
< 2.16.3
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10
7.8
HIGH
CVE-2017-2356
< 2.16.3
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before
8.8
HIGH
CVE-2017-2355
< 2.16.3
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before
8.8
HIGH
CVE-2017-2354
< 2.16.3
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. iCloud before
8.8
HIGH
CVE-2017-2350
< 2.16.3
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10
6.5
MEDIUM
CVE-2016-4592
< 2.10.5
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to cause a denial of service
6.5
MEDIUM
CVE-2016-4583
< 2.12.2
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Pol
3.1
LOW
CVE-2016-1859
< 2.12.1
The WebKit Canvas implementation in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1 allows remote attackers to
8.8
HIGH
CVE-2016-1858
< 2.12.0
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly tracks taint attributes, which a
6.5
MEDIUM
CVE-2016-1857
< 2.12.3
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrar
8.8
HIGH
CVE-2016-1856
< 2.12.1
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrar
8.8
HIGH
CVE-2016-1854
< 2.12.1
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, allows remote attackers to execute arbitrar
8.8
HIGH
CVE-2016-1783
< 2.10.5
WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to execute arbitrary code or cause
8.8
HIGH
CVE-2016-1727
< 2.10.5
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrar
8.8
HIGH
CVE-2016-1724
< 2.10.5
WebKit, as used in Apple iOS before 9.2.1, Safari before 9.0.3, and tvOS before 9.1.1, allows remote attackers to execute arbitrar
8.8
HIGH
CVE-2010-4577
< 1.2.6
The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chro
7.5
HIGH
CVE-2010-4206
< 1.2.6
Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chr
8.8
HIGH
CVE-2010-4204
< 1.2.6
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this
9.8
CRITICAL
CVE-2010-4198
all versions
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large tex
8.8
HIGH
CVE-2010-4197
< 1.2.6
Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, al
9.8
CRITICAL
CVE-2010-1807
<= 1.2.5
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly va
CVE-2010-1815
< 1.2.6
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows re
CVE-2010-1814
< 1.2.6
WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitr
CVE-2010-1812
< 1.2.6
Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows re
CVE-2010-3259
< 1.2.6
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6,
CVE-2010-3257
< 1.2.6
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.
CVE-2010-3255
< 1.2.6
Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not properly handle counter nodes, which allows remote attackers to
CVE-2010-3119
< 1.2.6
Google Chrome before 5.0.375.127 and webkitgtk before 1.2.6 do not properly support the Ruby language, which allows attackers to c
CVE-2010-3116
< 1.2.6
Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome befo
CVE-2010-3115
< 1.2.6
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow r
CVE-2010-3114
< 1.2.6
The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before
CVE-2010-3113
< 1.2.5
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attacker
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin