3807 matches found
CVE-2023-25358
Summary of CVE-2023-25358 (WebKitGTK) : A use-after-free vulnerability in WebCore::RenderLayer::addChild (and related RenderLayer functions) in WebKitGTK before 2.36.8 allows remote code execution. The issue appears in WebKitGTK/WebKitGTK4, affecting the WebKit rendering stack used by GTK-based a...
CVE-2023-25362
A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
CVE-2023-25360
CVE-2023-25360 is a use-after-free vulnerability in WebKitGTK for the WebCore::RenderLayer::renderer path. Affected product is WebKitGTK before version 2.36.8. The issue allows remote code execution if the vulnerable WebKitGTK component is processed or rendered by a client. The MIRACLE/Linus and ...
CVE-2023-25363
CVE-2023-25363 is a use-after-free in WebKitGTK (WebCore::RenderLayer::updateDescendantDependentFlags) that, in WebKitGTK before 2.36.8, allows remote code execution. The Mirage Linux/MiracleLinux advisory references CVE-2023-25363 as affected (AXSA/MIRACLE LINUX). The available connected documen...
CVE-2023-25360
A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
CVE-2023-25358
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
CVE-2023-25363
A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
CVE-2023-25361
A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
CVE-2023-25362
A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
CVE-2023-25362
CVE-2023-25362 is a use-after-free in WebKitGTK’s WebCore::RenderLayer::repaintBlockSelectionGaps, exploitable remotely via WebKitGTK before version 2.36.8. Affected products reference this flaw (MiracleLinux AXSA:2023-5612, Alibaba/Red Hat advisories). Mitigation noted in sources: upgrade WebKit...
CVE-2023-25361
CVE-2023-25361 is a use-after-free in WebKitGTK’s WebCore::RenderLayer::setNextSibling, reported as pre-2.36.8. The vulnerability could allow an attacker to execute arbitrary code on a remote target via crafted web content. The available sources indicate this issue affects WebKitGTK before 2.36.8...
CVE-2023-25362
A use-after-free vulnerability in WebCore::RenderLayer::repaintBlockSelectionGaps in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
CVE-2023-25358
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
CVE-2023-25360
A use-after-free vulnerability in WebCore::RenderLayer::renderer in WebKitGTK before 2.36.8 allows attackers to execute code remotely...
Ubuntu 20.04 LTS / 22.04 LTS : WebKitGTK vulnerabilities (USN-5893-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5893-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote...
webkit2gtk3 security update
An update is available for webkit2gtk3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list WebKitGTK is the port of the portable web rendering engine WebKit to the...
RLSA-2023:0903 Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: processing maliciously crafted web content may be exploited for arbitrary code execution CVE-2023-23529 For more details about the security issues, including the impact, a CVSS score,...
webkit2gtk3 security update
An update is available for webkit2gtk3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list WebKitGTK is the port of the portable web rendering engine WebKit to the...
RLSA-2023:0902 Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: processing maliciously crafted web content may be exploited for arbitrary code execution CVE-2023-23529 For more details about the security issues, including the impact, a CVSS score,...
USN-5893-1: WebKitGTK vulnerabilities
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...