CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-9948 – Apple Safari replace Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-9948
18 Sep 2020 — A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de confusión de tipo con un manejo de la memoria mejorado. Este problema es corregido en Safari versión 14.0. • http://seclists.org/fulldisclosure/2020/Nov/18 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2020-9951 – webkitgtk: use-after-free may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2020-9951
18 Sep 2020 — A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de uso de la memoria previamente liberada con una administración de la memoria mejorada. Este problema es corregido en Safari versión 14.0. • http://seclists.org/fulldisclosure/2020/Nov/18 • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2020-9952 – webkitgtk: input validation issue may lead to a cross site scripting
https://notcve.org/view.php?id=CVE-2020-9952
18 Sep 2020 — An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21. Processing maliciously crafted web content may lead to a cross site scripting attack. Se abordó un problema de comprobación de entrada con una comprobación de entrada mejorada. Este problema es corregido en iOS versión 14.0 e iPadOS versión 14.0, tvOS versión 14.0, watchOS versión 7.0, Safari versi... • http://seclists.org/fulldisclosure/2020/Nov/18 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2018-4209 – Gentoo Linux Security Advisory 201812-04
https://notcve.org/view.php?id=CVE-2018-4209
01 Oct 2018 — In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. En iOS en versiones anteriores a la 11.3, Safari en versiones anteriores a la 11.1, iCloud para Windows en versiones anteriores a la 7.4, tvOS en versiones anteriores a la 11.3, watchOS en versiones anteriores a la 4.3 e iTunes en versiones anteriores a la 12.7.4 para Wind... • https://security.gentoo.org/glsa/201812-04 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12294 – Gentoo Linux Security Advisory 201808-04
https://notcve.org/view.php?id=CVE-2018-12294
14 Jun 2018 — WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object. WebCore/platform/graphics/texmap/TextureMapperLayer.cpp en WebKit, tal y como se emplea en WebKitGTK+ en versiones anteriores a la 2.20.2, es vulnerable a un uso de memoria previamente liberada en un objeto WebCore::TextureMapperLayer. Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit that can lead to ... • http://packetstormsecurity.com/files/148200/WebKitGTK-Data-Leak-Code-Execution.html • CWE-416: Use After Free •