PT-2023-9367 · Apple +7 · Macos Sonoma +11

Name of the Vulnerable Software and Affected Versions: Safari versions prior to 17.2 iOS versions prior to 17.2 iPadOS versions prior to 17.2 macOS Sonoma versions prior to 14.2 WebKitGTK affected versions not specified WPE WebKit affected versions not specified Description: The issue is related ...

PT-2023-7605 · Apple +9 · Safari +12

Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.1 Safari versions prior to 17.1 iOS versions prior to 16.7.2 and prior to 17.1 iPadOS versions prior to 16.7.2 and prior to 17.1 Description: The issue is related to improved memory handling. Processing web...

Fedora: Security Advisory for webkitgtk (FEDORA-2023-1536766e9f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the use of memory after it is freed, allows attackers to execute arbitrary code.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

[SECURITY] Fedora 37 Update: webkitgtk-2.42.1-1.fc37

WebKitGTK is the port of the WebKit web rendering engine to the GTK platform...

Fedora 37 : webkitgtk (2023-1536766e9f)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1536766e9f advisory. New renderer based on DMA-BUF shared buffers. Add new permission request to handle DOM paste access requests. Add API to configure experimental...

Ubuntu: Security Advisory (USN-6426-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6426-1 webkit2gtk vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

USN-6426-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, caused by buffer overflows, allows attackers to execute arbitrary code.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit arises due to buffer overflows. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...

Ubuntu 22.04 LTS / 23.04 : WebKitGTK vulnerabilities (USN-6426-1)

The remote Ubuntu 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6426-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a...

CVE-2023-39928

A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger this vulnerability...

DEBIAN-CVE-2023-39928

A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger this vulnerability...

CVE-2023-39928

A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger this vulnerability...

CVE-2023-39928

CVE-2023-39928 is a use-after-free in the MediaRecorder API of WebKitGTK (WebKit2GTK). A specially crafted page can cause memory corruption and potentially arbitrary code execution; exploitation requires visiting a malicious webpage. Debian confirms the issue and provides fixes in webkit2gtk: 2.4...

CVE-2023-39928

A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger this vulnerability...

Webkit MediaRecorder API stopRecording use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1831 Webkit MediaRecorder API stopRecording use-after-free vulnerability October 6, 2023 CVE Number CVE-2023-39928 SUMMARY A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to memory access after it is freed, allows attackers to execute arbitrary code.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit lies in the access to memory after it has been freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the disclosure of protected information, allows attackers to disclose such information.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit is related to the disclosure of protected information. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

SUSE CVE-2023-39928

A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger this vulnerability...