22 matches found
CLSA-2025-1751894976 webkit2gtk3: Fix of 4 CVEs
Update to 2.44.4 - CVE-2023-42950: fix a use after free issue - CVE-2024-27851: fix processing maliciously crafted web content may lead to arbitrary code execution - CVE-2024-27820: fix processing web content may lead to arbitrary code execution - CVE-2024-4558: fix use after free in ANGLE...
TencentOS Server 3: webkit2gtk3 (TSSA-2024:1154)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1154 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2023-42950
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, mac...
K000148511: WebKitGTK and WPE WebKit vulnerability CVE-2023-42950
Security Advisory Description A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution...
Oracle Java SE Security Update (Oct24-1) - Linux
Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Java SE Security Update (Oct24-1) - Windows
Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA74035 Multiple vulnerabilities in Oracle Java
Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Validation of untrusted input vulnerability can be exploited...
RHEL 8 : webkitgtk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - webkit: heap use-after-free may lead to arbitrary code execution CVE-2023-42950 - An inconsistent user...
Fedora: Security Advisory (FEDORA-2024-a1246372a4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : webkit2gtk4.0 (2024-a1246372a4)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a1246372a4 advisory. Update to 2.44.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...
SUSE: Security Advisory (SUSE-SU-2024:1269-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1270-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:1293-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12: libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc (SUSE-SU-2024:1293-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1293-1 advisory. webkit2gtk3 was updated to fix the following issues: Update to version 2.44.0 boo1222010: - CVE-2024-23252:...
SUSE SLED15: WebKitGTK-4.0-lang / WebKitGTK-4.1-lang / WebKitGTK-6.0-lang / etc (SUSE-SU-2024:1270-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1270-1 advisory. - CVE-2024-23252: Fixed denial of service via crafted web content bsc1222010. - CVE-2024-23254:...
CVE-2023-42950 vulnerabilities
Vulnerabilities for packages: openjdk-8-openj9, openjdk-21-openj9, openjdk-11-openj9, openjdk-26-openj9, openjdk-17-openj9, openjdk-25-openj9...
CVE-2023-42950
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution...
SUSE CVE-2023-42950
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2023-42950
A heap use-after-free vulnerability was found in WebKit. Exploiting this flaw involves processing maliciously crafted web content, which may result in arbitrary code execution...
Amazon Linux 2 : webkitgtk4 (ALAS-2024-2434)
The version of webkitgtk4 installed on the remote host is prior to 2.42.4-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2434 advisory. 2024-04-11: CVE-2023-42950 was added to this advisory. A use after free issue was addressed with improved memory...