CVE-2025-43343

< 2.50.1

The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvO

9.8CRITICAL

CVE-2025-43342

< 2.48.7

A correctness issue was addressed with improved checks. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPa

9.8CRITICAL

CVE-2025-6558

< 2.48.0

Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to

8.8HIGH

CVE-2024-27834

< 2.44.2

The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadO

5.5MEDIUM

CVE-2024-23284

< 2.44.0

A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS

6.5MEDIUM

CVE-2024-23280

< 2.44.0

An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Son

6.5MEDIUM

CVE-2024-23263

< 2.44.0

A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 a

6.5MEDIUM

CVE-2024-23254

< 2.44.0

The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4

6.5MEDIUM

CVE-2023-42843

< 2.44.0

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16

4.3MEDIUM

CVE-2023-40397

< 2.40.5

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause ar

9.8CRITICAL

CVE-2023-32370

< 2.40.1

A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block

5.3MEDIUM

CVE-2023-28198

< 2.40.1

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventu

8.8HIGH

CVE-2019-8720

< 2.26.0

A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitr

8.8HIGH

CVE-2022-32893

< 2.36.7

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, mac

8.8HIGH

CVE-2022-2294

< 2.36.5

Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corr

8.8HIGH

CVE-2021-42762

< 2.34.1

BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process t

5.3MEDIUM

CVE-2021-30952

< 2.34.4

An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15

7.8HIGH

CVE-2020-13753

< 2.28.3

The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOC

10.0CRITICAL

CVE-2020-11793

< 2.28.1

A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote a

8.8HIGH

CVE-2020-10018

< 2.28.0

WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption i

9.8CRITICAL

CVE-2019-11070

< 2.24.1

WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestre

5.3MEDIUM

CVE-2019-6251

< 2.24.1

WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An a

8.1HIGH

CVE-2018-12293

< 2.20.1

The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used

8.8HIGH