53 matches found
EUVD-2026-29272
The issue was addressed with improved UI handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...
CVE-2026-28971
The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...
CVE-2026-28971
The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...
CVE-2026-28971
The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...
CVE-2026-28971
The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...
PT-2026-39815
Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.5 iPadOS versions prior to 26.5 macOS Tahoe versions prior to 26.5 visionOS versions prior to 26.5 Description A malicious iframe may use another website’s download settings. This issue was addressed through improved U...
webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
A flaw was found in WebKitGTK. Loading a malicious iframe can cause a cross-site scripting attack due to permissions issues...
Astra Linux – Vulnerability in WebKit2GTK
A permissions issue has been addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4, and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack...
Improper Restriction Of Rendered UI Layers Or Frames
@haxtheweb/haxcms-nodejs is vulnerable to Improper Restriction of Rendered UI Layers or Frames. The vulnerability is due to lack of validation or sanitization of user-supplied URLs in iframe website blocks via malicious iframe embedding, allowing attackers to embed attacker-controlled sites and...
webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
A flaw was found in WebKitGTK. Loading a malicious iframe can cause a cross-site scripting attack due to permissions issues...
webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
A flaw was found in WebKitGTK. Loading a malicious iframe can cause a cross-site scripting attack due to permissions issues...
webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
A flaw was found in WebKitGTK. Loading a malicious iframe can cause a cross-site scripting attack due to permissions issues...
webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
A flaw was found in WebKitGTK. Loading a malicious iframe can cause a cross-site scripting attack due to permissions issues...
webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
A flaw was found in WebKitGTK. Loading a malicious iframe can cause a cross-site scripting attack due to permissions issues...
webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
A flaw was found in WebKitGTK. Loading a malicious iframe can cause a cross-site scripting attack due to permissions issues...
webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
A flaw was found in WebKitGTK. Loading a malicious iframe can cause a cross-site scripting attack due to permissions issues...
Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-44192 webkitgtk: A malicious website may exfiltrate data cross-origin CVE-2024-54467...
ALSA-2025:3974 Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash CVE-2024-44192 webkitgtk: A malicious website may exfiltrate data cross-origin CVE-2024-54467...
webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
A flaw was found in WebKitGTK. Loading a malicious iframe can cause a cross-site scripting attack due to permissions issues...
webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
A flaw was found in WebKitGTK. Loading a malicious iframe can cause a cross-site scripting attack due to permissions issues...