46 matches found
Astra Linux - vulnerability in webkit2gtk
This issue has been addressed through improved enforcement of iframe sandboxing policies. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4, and iPadOS 14.4. Maliciously crafted web content may violate...
MiracleLinux 8 : GNOME (AXSA:2022-2953:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2953:01 advisory. webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution CVE-2020-13558 LibRaw: Stack buffer overflow in...
EUVD-2020-1401
Malware in sbrugna...
EUVD-2024-40907
Malicious code in bioql PyPI...
EUVD-2021-7265
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-1801
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update...
webkitgtk: IFrame sandboxing policy violation
A flaw was found in WebKitGTK and WPE WebKit in versions prior to 2.30.6. Maliciously crafted web content may violate the iframe sandboxing policy. The highest threat from this vulnerability is to data integrity...
CVE-2024-44155
A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, watchOS 11. Maliciously crafted web content may violate iframe sandboxing policy...
CVE-2022-34474
Even when an iframe was sandboxed with allow-top-navigation-by-user-activation, if it received a redirect header to an external protocol the browser would process the redirect and prompt the user as appropriate. This vulnerability affects Firefox 102...
Apple Safari 18.0 Multiple Vulnerabilities (121241)
The version of Apple Safari installed on the remote host is prior to 18.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 121241 advisory. - This issue was addressed through improved state management. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS...
CVE-2024-44155
A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, watchOS 11. Maliciously crafted web content may violate iframe sandboxing policy...
CVE-2024-44155
CVE-2024-44155 affects Apple Safari and related OS components via a custom URL scheme handling issue. The fix is improved input validation, addressing a vulnerability that could allow malicious web content to violate the iframe sandboxing policy. Public details indicate the fix is applied ...
CVE-2024-44155
A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, watchOS 11, iOS 18 and iPadOS 18. Maliciously crafted web content may violate iframe sandboxing policy...
CVE-2024-44155
A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, iOS 18 and iPadOS 18, macOS Sequoia 15, watchOS 11. Maliciously crafted web content may violate iframe sandboxing policy...
Apple macOS security vulnerability
Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS version 15 that originates from maliciously crafted web content that may violate iframe sandboxing policies...
PT-2024-30990 · Apple · Ipados +4
Name of the Vulnerable Software and Affected Versions: Safari versions prior to 18; iOS versions prior to 17.7.1; iPadOS versions prior to 17.7.1; macOS versions prior to Sequoia 15; watchOS versions prior to 11. Description: A custom URL scheme handling issue was addressed with improved input...
NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2024-0053)
The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by multiple vulnerabilities: - A use-after-free issue was found in the AudioSourceProviderGStreamer class of WebKitGTK and WPE WebKit in versions prior to 2.30.5. Processing maliciously...
CVE-2022-26384
If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91....
openSUSE 15 Security Update : MozillaFirefox (openSUSE-SU-2022:0821-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0821-1 advisory. - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash...
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:0821-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0821-1 advisory. - An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a...