24 matches found
Astra Linux - уязвимость в webkit2gtk
This issue has been resolved through improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4, iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, and watchOS 10.4. A malicious website may exfiltrate audio data across origins...
EUVD-2018-16064
Malware in sbrugna...
webkit: malicious website may exfiltrate audio data cross-origin
A vulnerability was found in WebKit, where a remote attacker is able to exfiltrate audio data cross-origin by convincing a victim to visit a specially crafted website, which results in obtaining sensitive information...
Linux Distros Unpatched Vulnerability : CVE-2024-23254
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1,...
webkit: malicious website may exfiltrate audio data cross-origin
A vulnerability was found in WebKit, where a remote attacker is able to exfiltrate audio data cross-origin by convincing a victim to visit a specially crafted website, which results in obtaining sensitive information...
SUSE-SU-2024:1293-1 Security update for webkit2gtk3
webkit2gtk3 was updated to fix the following issues: Update to version 2.44.0 boo1222010: - CVE-2024-23252: Credit to anbu1024 of SecANT. Impact: Processing web content may lead to a denial-of-service. Description: The issue was addressed with improved memory handling. - CVE-2024-23254: Credit to...
SUSE CVE-2024-23254
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin...
DEBIAN-CVE-2024-23254
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin...
CVE-2024-23254
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin...
CVE-2024-23254
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin...
PT-2024-19749 · Apple +7 · Macos Sonoma +14
Name of the Vulnerable Software and Affected Versions: tvOS versions prior to 17.4 macOS Sonoma versions prior to 14.4 visionOS versions prior to 1.1 iOS versions prior to 17.4 iPadOS versions prior to 17.4 watchOS versions prior to 10.4 Safari versions prior to 17.4 Description: The issue was...
SUSE CVE-2018-4278
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking...
About the security content of iTunes 12.8 for Windows - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
CVE-2018-20007
Yeelight Smart AI Speaker 3.3.100074 devices have improper access control over the UART interface, allowing physical attackers to obtain a root shell. The attacker can then exfiltrate the audio data, read cleartext Wi-Fi credentials in a log file, or access other sensitive device and user...
CVE-2018-4278
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking...
Cross site scripting
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking...
CVE-2018-4278
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking...
CVE-2018-4278
In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking...
CVE-2018-4278
CVE-2018-4278 affects Safari prior to 11.1.2, iTunes for Windows prior to 12.8, iOS prior to 11.4.1, tvOS prior to 11.4.1, and iCloud for Windows prior to 7.6. The vulnerability involves sound fetched through elements being exfiltrated cross-origin due to insufficient audio taint tracking. The i...
Security update for webkit2gtk3 (moderate)
This update for webkit2gtk3 to version 2.20.5 fixes the following issues: Security issue fixed: - CVE-2018-12911: Fix off-by-one in xdgmimegetsimpleglobs bsc1101999. - CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4267, CVE-2018-4272, CVE-2018-4284: Processin...