GLSA-202407-13 : WebKitGTK+: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202407-13 WebKitGTK+: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block...

Fedora: Security Advisory (FEDORA-2024-826bf5a09a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: webkitgtk-2.44.2-2.fc39

WebKitGTK is the port of the WebKit web rendering engine to the GTK platform...

Fedora 39 : webkitgtk (2024-826bf5a09a)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-826bf5a09a advisory. Update to 2.44.2: Make gamepads visible on axis movements, and not only on button presses. Disable the gst-libav AAC decoder. Make user scripts and style...

[SECURITY] Fedora 40 Update: webkitgtk-2.44.2-2.fc40

WebKitGTK is the port of the WebKit web rendering engine to the GTK platform...

Fedora: Security Advisory (FEDORA-2024-4d71f28349)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : webkitgtk (2024-4d71f28349)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-4d71f28349 advisory. Update to 2.44.2: Make gamepads visible on axis movements, and not only on button presses. Disable the gst-libav AAC decoder. Make user scripts and style...

sushi bug fix update

An update is available for sushi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Sushi is a quick file previewer for Nautilus, the GNOME desktop file manager. I...

webkit2gtk3 security update

An update is available for webkit2gtk3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list WebKitGTK is the port of the portable web rendering engine WebKit to the...

RLSA-2024:2982 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-42852 webkitgtk: Processing...

Rocky Linux 8 : webkit2gtk3 (RLSA-2024:2982)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2982 advisory. webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code...

CVE-2024-27851

The issue was addressed with improved bounds checks. This issue is fixed in Safari 17.5, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. Processing maliciously crafted web content may lead to arbitrary code execution...

SUSE CVE-2021-21779

A use-after-free vulnerability exists in the way Webkit's GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this...

RHEL 7 : webkitgtk3 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - webkitgtk: Use-after-free leading to arbitrary code execution CVE-2021-30858 - Late TLS certificate...

RHEL 7 : webkitgtk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - webkitgtk: heap-based buffer overflow WSA-2015-0001 CVE-2014-1303 - webkitgtk: Processing web content may...

RHEL 6 : webkitgtk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - WebKit: Improper handling of data types from event objects CVE-2010-4205 - webkitgtk: heap-based buffer...

RHEL 8 : cairo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cairo: infinite loop in the function arcerrornormalized in the file cairo-arc.c CVE-2019-6462 - cairo...

USN-6788-1 webkit2gtk vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

USN-6788-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

Ubuntu 22.04 LTS / 23.10 / 24.04 LTS : WebKitGTK vulnerabilities (USN-6788-1)

The remote Ubuntu 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6788-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, ...