SUSE-SU-2024:4414-1 Security update for gdb

This update for gdb fixes the following issues: Mention changes in GDB 14: GDB now supports the AArch64 Scalable Matrix Extension 2 SME2, which includes a new 512 bit lookup table register named ZT0. GDB now supports the AArch64 Scalable Matrix Extension SME, which includes a new matrix register...

webkit: pointer authentication bypass

A vulnerability was found in Webkit. This flaw allows an attacker with arbitrary read and write capability to bypass pointer authentication...

VulnCheck KEV: CVE-2020-9870

A logic issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. An attacker with memory write capability may be able to bypass pointer authentication codes and run arbitrary code...

CVE-2024-40815

A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13.6.8, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...

CVE-2024-40815

A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...

CVE-2024-40815

A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...

CVE-2024-40815

CVE-2024-40815 describes a race condition addressed by added validation. Apple states the issue is fixed in macOS Ventura 13.6.8, macOS Sonoma 14.6, iOS 17.6/iPadOS 17.6, watchOS 10.6, and tvOS 17.6. A malicious attacker with arbitrary read/write access could potentially bypass Pointer Authentica...

CVE-2024-40815

A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS before version 17.6 and iPadOS before version 17.6, which originates from a...

Medium: webkitgtk4

Issue Overview: An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user. CVE-2024-23280 The issue was addressed with...

Amazon Linux 2 : webkitgtk4 (ALAS-2024-2577)

The version of webkitgtk4 installed on the remote host is prior to 2.42.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2577 advisory. An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : webkit2gtk3 (SUSE-SU-2024:2065-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2065-1 advisory. - Update to version 2.44.2 - CVE-2024-27834: Fixed a vulnerability where an attacker with...

openSUSE Security Advisory (SUSE-SU-2024:2065-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:2065-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - Update to version 2.44.2 - CVE-2024-27834: Fixed a vulnerability where an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. bsc1225071...

SUSE SLES15 Security Update : webkit2gtk3 (SUSE-SU-2024:2043-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2043-1 advisory. - Update to version 2.44.2 - CVE-2024-27834: Fixed a vulnerability where an attacker with arbitrary read and write capability may b...

SUSE-SU-2024:2043-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - Update to version 2.44.2 - CVE-2024-27834: Fixed a vulnerability where an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. bsc1225071...

SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2024:1976-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1976-1 advisory. - Update to version 2.44.2 bsc1225071 - CVE-2024-27834: Fixed a vulnerability where an attacker with arbitrary...

SUSE-SU-2024:1976-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - Update to version 2.44.2 bsc1225071 - CVE-2024-27834: Fixed a vulnerability where an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. bsc1225071...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : webkit2gtk3 (SUSE-SU-2024:1944-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1944-1 advisory. - Update to version 2.44.2 bsc1225071: - CVE-2024-23252: Fixed a vulnerability where processed w...

SUSE-SU-2024:1944-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: - Update to version 2.44.2 bsc1225071: - CVE-2024-23252: Fixed a vulnerability where processed web content may lead to a denial-of-service. bsc1222010 - CVE-2024-23254: Fixed a vulnerability where a malicious website may exfiltrate audio dat...