Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-1801

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update...

6.5CVSS7.1AI score0.01515EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/10 12:0 a.m.11 views

NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2024-0053)

The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by multiple vulnerabilities: - A use-after-free issue was found in the AudioSourceProviderGStreamer class of WebKitGTK and WPE WebKit in versions prior to 2.30.5. Processing maliciously...

9.8CVSS7.2AI score0.16342EPSS
Exploits11References115
Amazon
Amazon
added 2023/06/12 12:0 a.m.65 views

Important: webkitgtk4

Issue Overview: A logic issue was addressed with improved state management. CVE-2020-22592 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS 14.2,...

9.8CVSS9AI score0.34574EPSS
Exploits14
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2021-0181)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.14542EPSS
Exploits0References9
OSV
OSV
added 2021/11/09 9:15 a.m.53 views

RLSA-2021:4381 Moderate: GNOME security, bug fix, and enhancement update

GNOME is the default desktop environment of Rocky Linux. The following packages have been upgraded to a later upstream version: gdm 40.0, webkit2gtk3 2.32.3. BZ1909300 Security Fixes: webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution CVE-2020-13558...

9.8CVSS9.1AI score0.14542EPSS
Exploits8References69
OpenVAS
OpenVAS
added 2021/06/18 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2021:1990-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.14542EPSS
Exploits3References11
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2021:1499-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.14542EPSS
Exploits0References8
OPENSUSE Linux
OPENSUSE Linux
added 2021/05/01 12:0 a.m.59 views

Security update for webkit2gtk3 (important)

openSUSE Security Update: Security update for webkit2gtk3 Announcement ID: openSUSE-SU-2021:0637-1 Rating: important References: 1182719 1184155 1184262 Cross-References: CVE-2020-27918 CVE-2020-29623 CVE-2021-1765 CVE-2021-1788 CVE-2021-1789 CVE-2021-1799 CVE-2021-1801 CVE-2021-1844 CVE-2021-187...

9.8CVSS6.8AI score0.14542EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/04/30 12:0 a.m.73 views

SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2021:1430-1)

This update for webkit2gtk3 fixes the following issues : Update to version 2.32.0 bsc1184155 : - Fix the authentication request port when URL omits the port. - Fix iframe scrolling when main frame is scrolled in async - scrolling mode. - Stop using gmemdup. - Show a warning message when overridin...

9.8CVSS7.4AI score0.14542EPSS
Exploits0References24
NVD
NVD
added 2021/04/02 7:15 p.m.26 views

CVE-2021-1801

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy...

6.5CVSS0.01515EPSS
Exploits0References7
Cvelist
Cvelist
added 2021/04/02 6:5 p.m.33 views

CVE-2021-1801

This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Maliciously crafted web content may violate iframe sandboxing policy...

7AI score0.01515EPSS
Exploits0References7
CVE
CVE
added 2021/04/02 6:5 p.m.319 views

CVE-2021-1801

CVE-2021-1801 affects WebKitGTK (and WPE WebKit) up to pre-2.30.6. The issue allows a maliciously crafted web content to violate iframe sandboxing policy, effectively a sandbox/iframe policy relaxation risk. Public advisories (Arch Linux ASA-202103-24 and Debian security notices) describe this as...

6.5CVSS6.8AI score0.01515EPSS
Exploits0References7Affected Software5
OpenVAS
OpenVAS
added 2021/03/30 12:0 a.m.36 views

Debian: Security Advisory (DSA-4877-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.14542EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2021/03/29 12:0 a.m.29 views

Fedora: Security Advisory for webkit2gtk3 (FEDORA-2021-8070916f7a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.3AI score0.14542EPSS
Exploits0References4
Debian
Debian
added 2021/03/27 6:41 a.m.267 views

[SECURITY] [DSA 4877-1] webkit2gtk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4877-1 [email protected] https://www.debian.org/security/ Alberto Garcia March 27, 2021 https://www.debian.org/security/faq -...

9.8CVSS9AI score0.14542EPSS
Exploits0
ArchLinux
ArchLinux
added 2021/03/25 12:0 a.m.221 views

[ASA-202103-25] wpewebkit: multiple issues

Arch Linux Security Advisory ASA-202103-25 ========================================== Severity: High Date : 2021-03-25 CVE-ID : CVE-2020-27918 CVE-2020-29623 CVE-2021-1765 CVE-2021-1789 CVE-2021-1799 CVE-2021-1801 CVE-2021-1870 Package : wpewebkit Type : multiple issues Remote : Yes Link :...

9.8CVSS0.4AI score0.14542EPSS
Exploits0References15
Circl
Circl
added 2021/02/17 11:0 a.m.11 views

CVE-2021-1801

creationtimestamp| type| source ---|---|--- 2021-02-17 11:00:25+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2722 2021-02-17 12:22:23+00:00| exploited| https://t.me/truesecator/1443 2021-04-19 05:45:41+00:00| published-proof-of-concept| https://t.me/androidMalware/114...

6.5CVSS7.4AI score0.01515EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2021/02/17 7:11 a.m.99 views

Malvertisers Exploited WebKit 0-Day to Redirect Browser Users to Scam Sites

A malvertising group known as "ScamClub" exploited a zero-day vulnerability in WebKit-based browsers to inject malicious payloads that redirected users to fraudulent websites gift card scams. The attacks, first spotted by ad security firm Confiant in late June 2020, leveraged a bug CVE-2021–1801...

6.5CVSS0.8AI score0.01515EPSS
Exploits0
Rows per page
Query Builder