A number of flaws were found in WebKit that also affect WebKitGTK.  The following list of vulnerabilities are currently unresolved in upstream version 1.2.3:

- CVE-2010-1780 (crash when focus is changed while trying to focus next element)
A use after free issue exists in WebKit's handling of element focus. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of element focus. Credit to Tony Chang of Google, Inc. for reporting this issue.
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=40407
* Trac: http://trac.webkit.org/changeset/60984


- CVE-2010-1782 (Memory Corruption in RenderBoxModelObject)
A memory corruption issue exists in WebKit's rendering of inline elements. Visiting a maliciously crafted website may lead to an  unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to wushi of team509 for reporting this issue.
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=39305
* Trac: http://trac.webkit.org/changeset/61921


- CVE-2010-1783 memory corruption (read random system memory) in RenderBlock(?)
A memory corruption issue exists in WebKit's handling of dynamic modifications to text nodes. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.  This issue is addressed through improved memory management.
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=38977
* Trac: http://trac.webkit.org/changeset/62134


- CVE-2010-1784 (ZDI-CAN-784: Apple Webkit Rendering Counter Remote Code Execution Vulnerability)
A memory corruption issue exists in WebKit's handling of CSS counters. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management.  
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=40032
* Trac: http://trac.webkit.org/changeset/62271
* NOTE: related NULL deref, but no patch: https://bugs.webkit.org/show_bug.cgi?id=41472


- CVE-2010-1785 (ZDI-CAN-782: Apple Webkit SVG First-Letter Style Remote Code Execution Vulnerability)
An uninitialized memory access issue exists in WebKit's handling of the :first-letter and :first-line pseudo-elements in SVG text elements.  Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed by not rendering :first-letter or :first-line pseudo-elements in SVG text elements. [Credit to wushi of team509, working with TippingPoint's Zero Day Initiative for reporting this issue.]
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=40031
* Trac: http://trac.webkit.org/changeset/61050
* Trac: http://trac.webkit.org/changeset/61051


- CVE-2010-1786 (ZDI-CAN-766: SVG ForeignObject Rendering Layout Vulnerability)
A use after free issue exists in WebKit's handling of foreignObject elements in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through additional validation of SVG documents. [Credit to wushi of team509, working with TippingPoint's Zero Day Initiative for reporting this issue.]
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=38627
* Trac: http://trac.webkit.org/changeset/61667


- CVE-2010-1787 (ZDI-CAN-785: Apple Webkit SVG Floating Text Element Remote Code Execution Vulnerability)
A memory corruption issue exists in WebKit's handling of floating elements in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management.
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=40033
* Trac: http://trac.webkit.org/changeset/61044


- CVE-2010-1788 (Memory corruption with SVG <use> element)
A memory corruption issue exists in WebKit's handling of 'use' elements in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of 'use' elements in SVG documents. Credit to Justin Schuh of Google,
Inc. for reporting this issue.
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=40994
* Trac: http://trac.webkit.org/changeset/62482


- CVE-2010-1790 (Crash when re-entering polymorphic cache stubs)
A reentrancy issue exists in WebKit's handling of just-in-time compiled javascript stubs. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved synchronization.
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=41482
* Trac: http://trac.webkit.org/changeset/62301


- CVE-2010-1792 (Yarr Interpreter is crashing in some cases of look-ahead regex patterns)
A memory corruption issue exists in WebKit's handling of regular expressions. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of regular expressions.  Credit to Peter Varga of University of Szeged for reporting this issue.
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=41458
* Trac: http://trac.webkit.org/changeset/62386


- CVE-2010-1793 (<use> on <font-face> causes crashes, if SVGUseElement gets detached)
A use after free issue exists in WebKit's handling of "font-face" and "use" elements in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of "font-face" and "use" elements in SVG documents [Credit to Aohelin for reporting this issue.]
* Bugzilla: https://bugs.webkit.org/show_bug.cgi?id=41621
* Trac: http://trac.webkit.org/changeset/62662


Upstream WebKitGTK intends to correct all of these in an upcoming release.