AlmaLinux 9 : webkit2gtk3 (ALSA-2024:8180)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8180 advisory. webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution CVE-2024-40776 webkitgtk: webkit2gtk: Processing maliciously crafted web content m...

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution CVE-2024-40776 webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2024-44161

CVE-2024-44161 is an out-of-bounds read vulnerability in macOS texture processing that could cause an application to terminate if a maliciously crafted texture is processed. The issue is mitigated by improved bounds checking and is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, and macOS Sequoia...

CVE-2024-44161

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. Processing a maliciously crafted texture may lead to unexpected app termination...

DEBIAN-CVE-2024-40780

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process cra...

CVE-2024-40789

CVE-2024-40789 is a WebKitGTK/WebKit-related out-of-bounds access issue. The initial CVE description notes an out-of-bounds access that could cause an unexpected process crash when processing malicious web content, with fixes across Apple platforms (iOS, iPadOS, macOS, Safari, watchOS, tvOS, visi...

CVE-2024-40789

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected...

CVE-2024-27857

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2. A remote attacker may be able to cause unexpected app termination or arbitrary code execution...

CVE-2024-27857

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2. A remote attacker may be able to cause unexpected app termination or arbitrary code execution...

Cross site scripting

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. A user may be able to cause unexpected app termination or arbitrary code execution...

CVE-2023-42886

CVE-2023-42886 is an out-of-bounds read in Apple macOS components (notably CoreServices) that could lead to unexpected app termination or arbitrary code execution. Technical details across connected docs show a fix via improved bounds checking, with patches in macOS Sonoma 14.2, macOS Ventura 13....

CVE-2023-41232

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.7, iOS 17 and iPadOS 17, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. An app may be able to disclose kernel memory...

CVE-2023-41232

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.7, iOS 17 and iPadOS 17, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. An app may be able to disclose kernel memory...

CVE-2023-37285

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges...

Cross site scripting

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges...

CVE-2023-37285

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges...

CVE-2023-32380

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. Processing a 3D model may lead to arbitrary code execution...

CVE-2023-32384

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. Processing an image may lead to arbitrary code execution...

CVE-2023-23528

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory...

CVE-2023-23494

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to cause a denial-of-service...