Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 148 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 148.0.7778.96 Linux 148.0.7778.96/97 Windows/Mac contains a number of fixes and improvements -- a list of changes is availab...

PT-2026-37217

Name of the Vulnerable Software and Affected Versions Tunnelblick versions 3.3beta26 through 9.0beta01 Description Tunnelblick is an open source graphic user interface for OpenVPN on macOS. A symlink following issue exists in the tunnelblick-helper process, which is accessible via the...

Astra Linux – Vulnerability in WebKit2GTK

A logic issue was addressed through improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2, and iPadOS 16.2, as well as watchOS 9.2. Processing maliciously crafted web content may disclose sensitive user information...

Astra Linux – Vulnerability in WebKit2GTK

A logic issue has been resolved through improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4, and iPadOS 15.4, as well as tvOS 15.4. A malicious website may cause unexpected cross-origin behaviors...

Astra Linux – Vulnerability in WebKit2GTK

A buffer overflow issue has been addressed through improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4, and iPadOS 15.4, as well as tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code...

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Ventura 13, iOS 16.1, iPadOS 16, and Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution...

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5, iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, and iTunes 12.12.4 for Windows. Processing maliciously crafted...

Wireshark 2.4.x < 2.4.9 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.9. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.9 advisory. - In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could...

Wireshark 3.0.x < 3.0.10 A Vulnerability (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.0.10. It is, therefore, affected by a vulnerability as referenced in the wireshark-3.0.10 advisory. - In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was...

CVE-2026-33450

CVE-2026-33450 is an out of bounds read vulnerability in the Secure Access MacOS client prior to 14.50. Attackers with control of a modified server can send a malformed packet to the client causing a denial of service...

[SECURITY] Fedora 43 Update: dotnet9.0-9.0.116-1.fc43

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

Wireshark 2.0.x < 2.0.4 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.4 advisory. - epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the...

Wireshark 4.4.x < 4.4.15 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.4.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.4.15 advisory. - RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial ...

Wireshark 2.2.x < 2.2.16 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.16. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.16 advisory. - In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could...

Wireshark 2.4.x < 2.4.8 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.8. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.8 advisory. - In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This wa...

Wireshark 2.2.x < 2.2.11 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.11 advisory. - In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was...

Wireshark 2.2.x < 2.2.12 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.12. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.12 advisory. - In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could...

Wireshark 2.4.x < 2.4.1 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.1 advisory. - In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite...

Wireshark 2.4.x < 2.4.7 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.7. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.7 advisory. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was...

Wireshark 2.4.x < 2.4.10 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.10. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.10 advisory. - In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was...