CVE-2022-22655

An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4. An app may be able to leak sensitive user information...

CVE-2022-46725

CVE-2022-46725 is a WebKitGTK/WebKit URL handling spoofing vulnerability. The advisory notes a spoofing issue in URL handling that could mislead users via address bar manipulation and indicates it was mitigated by improved input validation. Affected software inclusion (via the Alibaba Cloud Linux...

CVE-2022-46725

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to address bar spoofing...

CVE-2023-32358

CVE-2023-32358 is a type-confusion vulnerability in Apple WebKit related to processing web content, leading to arbitrary code execution. Affected products include iOS (16.4 and later), iPadOS (16.4 and later), and macOS Ventura (13.3). The issue stems from a type confusion in the handling of web ...

CVE-2023-32358

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution...

CVE-2023-32358

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution...

CVE-2022-46724

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen...

CVE-2022-46724

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen...

CVE-2022-46724

CVE-2022-46724 concerns Apple iOS/iPadOS Magnifier: with physical access to a locked device, an attacker could view the last image used in Magnifier from the lock screen. The vulnerability affects iOS/iPadOS prior to 16.4 and was addressed in iOS 16.4 / iPadOS 16.4. The issue is mitigated by the ...

SUSE SLES15: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2023:3233-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3233-1 advisory. Update to version 2.40.5 bsc1213905: - CVE-2023-38133: Fixed information disclosure. - CVE-2023-38572: Fixed Same-Origin-Policy...

SUSE SLED12: libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc (SUSE-SU-2023:3237-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3237-1 advisory. Update to version 2.40.5 bsc1213905: - CVE-2023-38133: Fixed information disclosure. - CVE-2023-38572: Fixed...

Rocky Linux 9 : webkit2gtk3 (RLSA-2023:4201)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4201 advisory. - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS...

Debian DSA-5468-1 : webkit2gtk - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5468 advisory. The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-38133 YeongHyeon Choi discovered that processing web content may...

SUSE CVE-2023-38597

The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, Safari 16.6. Processing web content may lead to arbitrary code execution...

The vulnerability of the kernel of operating systems such as MacOS, iOS, tvOS, iPadOS, and watchOS allows attackers to execute arbitrary code with kernel privileges.

The vulnerability in the kernels of operating systems such as MacOS, iOS, tvOS, iPadOS, and watchOS relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code with kernel privileges...

The vulnerability in the kernel of operating systems such as macOS Big Sur, macOS Monterey, iOS, iPadOS, tvOS, macOS Ventura, and watchOS allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability in the kernel of operating systems such as macOS Big Sur, macOS Monterey, iOS, iPadOS, tvOS, macOS Ventura, and watchOS relates to operations that occur outside of the buffers in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality,...

CVE-2023-38599

A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A website may be able to track sensitive user information...

CVE-2023-38598

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.6, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel...

CVE-2023-38592

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16.6 and iPadOS 16.6, watchOS 9.6, tvOS 16.6, macOS Ventura 13.5. Processing web content may lead to arbitrary code execution...

CVE-2023-32445

This issue was addressed with improved checks. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. Processing a document may lead to a cross site scripting attack...