23 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-32435
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS...
openSUSE: Security Advisory for webkit2gtk3 (SUSE-SU-2023:3233-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Most Sophisticated iPhone Hack Ever Exploited Apple's Hidden Hardware Feature
The Operation Triangulation spyware attacks targeting Apple iOS devices leveraged never-before-seen exploits that made it possible to even bypass pivotal hardware-based security protections erected by the company. Russian cybersecurity firm Kaspersky, which discovered the campaign at the beginnin...
SUSE SLES15: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2023:3300-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3300-1 advisory. Update to version 2.40.5 bsc1213905: - CVE-2023-38133: Fixed information disclosure. - CVE-2023-38572: Fixed Same-Origin-Policy...
SUSE: Security Advisory (SUSE-SU-2023:3237-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rocky Linux 9 : webkit2gtk3 (RLSA-2023:4201)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4201 advisory. - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS...
webkit2gtk3 security update
2.38.5-1.5 - Disable JIT CVE-2023-32435, CVE-2023-32439...
webkit2gtk3 security update
2.38.5-1.3 - Disable JIT CVE-2023-32435, CVE-2023-32439...
Oracle Linux 8 : webkit2gtk3 (ELSA-2023-4202)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4202 advisory. 2.38.5-1.5 - Disable JIT CVE-2023-32435, CVE-2023-32439 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 9 : webkit2gtk3 (ELSA-2023-4201)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4201 advisory. 2.38.5-1.3 - Disable JIT CVE-2023-32435, CVE-2023-32439 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Amazon Linux 2 : webkitgtk4 (ALAS-2023-2141)
The version of webkitgtk4 installed on the remote host is prior to 2.38.5-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2141 advisory. Processing web content may lead to arbitrary code execution NOTE:...
Important: webkitgtk4
Issue Overview: Processing web content may lead to arbitrary code execution NOTE: https://webkitgtk.org/security/WSA-2023-0005.html ADVISORIES: 'DSA-5241-1', 'DSA-5240-1' CVE-2022-48503 A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.4, iOS...
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
ALSA-2023:4201 Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: memory corruption issue leading to arbitrary code execution CVE-2023-32435 webkitgtk: type confusion issue leading to arbitrary code execution CVE-2023-32439 For more details about th...
RHEL 9 : webkit2gtk3 (RHSA-2023:4201)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4201 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: memory corruption issue...
AlmaLinux 9 : webkit2gtk3 (ALSA-2023:4201)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4201 advisory. - A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3...
Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: memory corruption issue leading to arbitrary code execution CVE-2023-32435 webkitgtk: type confusion issue leading to arbitrary code execution CVE-2023-32439 For more details about th...
Apple iOS < 15.7.7 Multiple Vulnerabilities (HT213811)
Binary data appleios1577check.nbin...
U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439...