20 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-8684
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3,...
Mageia: Security Advisory (MGASA-2019-0281)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2022:0142-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0142-1 advisory. - Update to version 2.34.3 bsc1194019. - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced Content Security Policy...
SUSE: Security Advisory (SUSE-SU-2019:2345-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2345-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple Multiple Products Memory Corruption (CVE-2019-8684)
A memory corruption vulnerability exists in Apple. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:2208-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2019-8684
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may...
CVE-2019-8684
CVE-2019-8684 is listed among multiple memory-corruption fixes in WebKitGTK/WebKitGTK4 updates (ALAS2-2020-1563). The advisory confirms issues addressed by memory-management improvements and states the vulnerability could allow arbitrary code execution when processing malicious web content. Affec...
openSUSE Security Update : webkit2gtk3 (openSUSE-2019-2207)
This update for webkit2gtk3 fixes the following issues : Security issues fixed : - CVE-2019-8673, CVE-2019-8678, CVE-2019-8686, CVE-2019-8683, CVE-2019-8671, CVE-2019-8595, CVE-2019-8684, CVE-2019-8681, CVE-2019-8615, CVE-2019-8689, CVE-2019-8680, CVE-2019-8672, CVE-2019-8676, CVE-2019-8666,...
openSUSE Security Update : webkit2gtk3 (openSUSE-2019-2208)
This update for webkit2gtk3 fixes the following issues : Security issues fixed : - CVE-2019-8673, CVE-2019-8678, CVE-2019-8686, CVE-2019-8683, CVE-2019-8671, CVE-2019-8595, CVE-2019-8684, CVE-2019-8681, CVE-2019-8615, CVE-2019-8689, CVE-2019-8680, CVE-2019-8672, CVE-2019-8676, CVE-2019-8666,...
SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2019:2428-1)
This update for webkit2gtk3 fixes the following issues : Security issues fixed : CVE-2019-8673, CVE-2019-8678, CVE-2019-8686, CVE-2019-8683, CVE-2019-8671, CVE-2019-8595, CVE-2019-8684, CVE-2019-8681, CVE-2019-8615, CVE-2019-8689, CVE-2019-8680, CVE-2019-8672, CVE-2019-8676, CVE-2019-8666,...
SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2019:2345-1)
This update for webkit2gtk3 fixes the following issues : Updated to version 2.24.4 bsc1148931. Security issues fixed : CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8669, CVE-2019-8678, CVE-2019-8680, CVE-2019-8683, CVE-2019-8684, CVE-2019-8688, CVE-2019-8595, CVE-2019-8607, CVE-2019-8615...
Debian DSA-4515-1 : webkit2gtk - security update
Several vulnerabilities have been discovered in the webkit2gtk web engine : - CVE-2019-8644 G. Geshev discovered memory corruption issues that can lead to arbitrary code execution. - CVE-2019-8649 Sergei Glazunov discovered an issue that may lead to universal cross site scripting. - CVE-2019-8658...
FreeBSD : webkit2-gtk3 -- Multiple vulnerabilities (e45c3669-caf2-11e9-851a-dcf3aaa3f3ff)
The WebKitGTK project reports many vulnerabilities, including several arbitrary code execution vulnerabilities. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2021 Jacques Vidrine and...
macOS : Apple Safari < 12.1.2 Multiple Vulnerabilities
The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 12.1.2 It is, therefore, affected by multiple vulnerabilities in the following components : - Safari - WebKit C Tenable Network Security, Inc. include'compat.inc'; if description scriptid128178;...
JSC BytecodeGenerator::emitEqualityOpImpl Data Mishandling
JSC: A bug in BytecodeGenerator::emitEqualityOpImpl Related CVE Numbers: CVE-2019-8684. PoC: let a = 1 || typeof 1 === 'string'; Generated bytecode: BPmgTo:0x7ff1965a0000-0x7ff1965a8000, NoneGlobal, 37: 11 instructions 0 wide instructions, 2 instructions with metadata; 225 bytes 188 metadata byte...
Apple iTunes < 12.9.6 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.9.6. It is, therefore, affected by multiple vulnerabilities as referenced in the HT210356 advisory. - A remote attacker may be able to view sensitive information CVE-2019-13118 - Processing maliciously crafted web...
Apple iTunes < 12.9.6 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.9.6. It is, therefore, affected by multiple vulnerabilities as referenced in the HT210356 advisory. - A remote attacker may be able to view sensitive information CVE-2019-13118 - Processing maliciously crafted web...
About the security content of iCloud for Windows 10.6
About the security content of iCloud for Windows 10.6 This document describes the security content of iCloud for Windows 10.6. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...