23 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-22594
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3,...
SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2022:1677-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1677-1 advisory. - A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS...
SUSE: Security Advisory (SUSE-SU-2022:1677-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: webkit2gtk3 security, bug fix, and enhancement update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
RLSA-2022:1777 Moderate: webkit2gtk3 security, bug fix, and enhancement update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. The following packages have been upgraded to a later upstream version: webkit2gtk3 2.34.6. BZ1985042 Security Fixes: webkitgtk: maliciously crafted web content may lead to arbitrary code execution due to use...
ALSA-2022:1777 Moderate: webkit2gtk3 security, bug fix, and enhancement update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. The following packages have been upgraded to a later upstream version: webkit2gtk3 2.34.6. BZ1985042 Security Fixes: webkitgtk: maliciously crafted web content may lead to arbitrary code execution due to use...
CentOS 8 : webkit2gtk3 (CESA-2022:1777)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1777 advisory. - webkitgtk: Use-after-free leading to arbitrary code execution CVE-2021-30809 - webkitgtk: Type confusion issue leading to arbitrary code execution...
SUSE SLES15: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2022:1511-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1511-1 advisory. Update to version 2.36.0 bsc1198290: - CVE-2022-22624: Fixed use after free that may lead to arbitrary code execution. -...
SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2022:1431-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1431-1 advisory. - A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in...
SUSE: Security Advisory (SUSE-SU-2022:1431-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-22594
A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information...
CVE-2022-22594
A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. A website may be able to track sensitive user information...
CVE-2022-22594
CVE-2022-22594 describes a cross-origin data exfiltration issue in WebKit/WebKitGTK via cross-origin tracking, later fixed in Safari 15.3, iOS 15.3, iPadOS 15.3, watchOS 8.4, tvOS 15.3, and macOS Monterey 12.2. The connected documents indicate the vulnerability allowed tracking of sensitive user ...
SUSE SLES12: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2022:0690-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0690-1 advisory. Update to version 2.34.5 bsc1195735: - CVE-2022-22589: A validation issue was addressed with improved input sanitization. -...
SUSE: Security Advisory (SUSE-SU-2022:0690-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:0690-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.34.5 bsc1195735: - CVE-2022-22589: A validation issue was addressed with improved input sanitization. - CVE-2022-22590: A use after free issue was addressed with improved memory management. - CVE-2022-22592: A logic issue...
Apple Patches Actively Exploited WebKit Zero Day
Apple has patched yet another zero-day vulnerability, this time in its WebKit browser engine, that threat actors already are actively exploiting to compromise iPhones, iPads and MacOS devices. The zero-day, tracked as CVE-2022-22620, is a Use-After-Free issue, which is related to incorrect use of...
Apple Releases iOS, iPadOS, macOS Updates to Patch Actively Exploited Zero-Day Flaw
Apple on Thursday released security updates for iOS, iPadOS, macOS, and Safari to address a new WebKit flaw that it said may have been actively exploited in the wild, making it the company's third zero-day patch since the start of the year. Tracked as CVE-2022-22620, the issue concerns a...
Update now! Apple patches another actively used zero-day
Apple has released patches for iOS 15.3, iPadOS 15.3, and macOS Monterey 12.2 and is urging users to update. The most significant reasons are two actively exploited zero-day vulnerabilities, one of which has a publicly disclosed Proof-of-Concept PoC. Using this vulnerability, designated...
CVE-2022-22594
creationtimestamp| type| source ---|---|--- 2022-01-27 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=729 2022-01-27 12:09:16+00:00| seen| https://t.me/truesecator/2562 2022-04-01 13:50:00+00:00| exploited| https://t.me/truesecator/2797 2022-12-14 14:05:53+00:00| seen|...