Lucene search
+L

641 matches found

Tenable Nessus
Tenable Nessus
added 2017/03/30 12:0 a.m.19 views

Fedora 25 : webkitgtk4 (2017-25ffd5b236)

Highlights of the 2.16.0 release : - Hardware acceleration is now enabled on demand to drastically reduce memory consumption. - CSS Grid Layout is enabled by default. - New WebKitSetting to set the hardware acceleration policy. - UI process API to configure network proxy settings. - Improved...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/03/30 12:0 a.m.16 views

Fedora 24 : webkitgtk4 (2017-0f38995622)

Highlights of the 2.16.0 release : - Hardware acceleration is now enabled on demand to drastically reduce memory consumption. - CSS Grid Layout is enabled by default. - New WebKitSetting to set the hardware acceleration policy. - UI process API to configure network proxy settings. - Improved...

5.5AI score
Exploits0References1
OSV
OSV
added 2016/07/22 2:59 a.m.5 views

CVE-2016-4603

Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior...

4.3CVSS7.3AI score0.01197EPSS
Exploits0References4
NVD
NVD
added 2016/07/22 2:59 a.m.18 views

CVE-2016-4603

Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior...

4.3CVSS3.6AI score0.01197EPSS
Exploits0References4
Prion
Prion
added 2016/07/22 2:59 a.m.19 views

Design/Logic Flaw

Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior...

4.3CVSS5.5AI score0.01197EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2015/11/24 12:0 a.m.4 views

Apple iOS CFNetwork HTTPProtocol Component Vulnerability

Apple iOS is an operating system for mobile devices developed by Apple Inc. The CFNetwork HTTPProtocol is one of the components used to send requests to create simple instances. A security vulnerability exists in the CFNetwork HTTPProtocol component in versions of Apple iOS prior to 9, which stem...

4.3CVSS6.3AI score0.01451EPSS
Exploits0References1
NVD
NVD
added 2015/11/22 3:59 a.m.20 views

CVE-2015-5859

The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network...

4.3CVSS5.2AI score0.01451EPSS
Exploits0References2
Prion
Prion
added 2015/11/22 3:59 a.m.25 views

Hardcoded credentials

The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network...

4.3CVSS5.6AI score0.01451EPSS
Exploits0References2Affected Software2
OPENSUSE Linux
OPENSUSE Linux
added 2015/11/09 11:10 p.m.49 views

Security update for MozillaFirefox, mozilla-nspr, mozilla-nss, xulrunner, seamonkey (important)

Mozilla Firefox was updated to version 42.0, fixing bugs and security issues. Mozilla xulrunner was updated to xulrunner 38.4.0. Seamonkey was updated to 2.39. New features in Mozilla Firefox: Private Browsing with Tracking Protection blocks certain Web elements that could be used to record your...

7.5CVSS0.2AI score0.10238EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2015/11/05 1:13 p.m.10 views

Mozilla 42 Brings Private Browsing with Tracking Protection Live

Mozilla has pushed a feature in Firefox live that allows users to block certain page elements while browsing privately. The feature, Private Browsing with Tracking Protection, previously available to beta users, blocks third party page elements, such as ads, social network buttons, analytics, and...

1.3AI score
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2015/10/02 12:0 a.m.8 views

The vulnerability of the iOS operating system allows a hacker to bypass the security measures of the private browsing mode of the Safari browser and track down the user.

The vulnerability of the CFNetwork HTTP Protocol component in the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the security measures of the private browsing mode of the Safari browser and track users...

5CVSS5.5AI score0.01764EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2015/09/23 12:0 a.m.5 views

Apple iOS CFNetwork HTTPProtocol Component Information Disclosure Vulnerability

Apple iOS is an operating system developed by Apple for mobile devices. An information disclosure vulnerability exists in the Apple iOS CFNetwork HTTPProtocol component. Due to the program failing to properly handle HSTS state. A remote attacker can exploit this vulnerability via a specially...

5CVSS6AI score0.01764EPSS
Exploits0References1
NVD
NVD
added 2015/09/18 11:0 a.m.20 views

CVE-2015-5860

The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site...

5CVSS4.9AI score0.01764EPSS
Exploits0References6
Prion
Prion
added 2015/09/18 11:0 a.m.21 views

Hardcoded credentials

The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site...

5CVSS6.2AI score0.01764EPSS
Exploits0References6Affected Software2
CVE
CVE
added 2015/09/18 10:0 a.m.76 views

CVE-2015-5860

CVE-2015-5860 affects the CFNetwork HTTPProtocol component in Apple iOS prior to 9. The root cause is a mishandling of HSTS state, which allows a remote attacker to bypass Safari private-browsing protections and track users via a crafted website. The vulnerability impact is described in the CVE e...

5CVSS5.9AI score0.01764EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2015/09/18 10:0 a.m.26 views

CVE-2015-5860

The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site...

5.8AI score0.01764EPSS
Exploits0References6
CNVD
CNVD
added 2015/08/18 12:0 a.m.6 views

Apple Safari WebKit private-browsing information disclosure vulnerability

Apple Safari is an open source WEB browser. A security vulnerability exists in the private-browsing implementation of Apple Safari's WebKit, which can be exploited by a remote attacker to track a user with the help of a specially crafted Web site...

4.3CVSS6.5AI score0.01935EPSS
Exploits0References1
securityvulns
securityvulns
added 2015/08/17 12:0 a.m.105 views

APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 is now available and addresses the following: Safari Application Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and O...

6.8CVSS0.02754EPSS
Exploits0
NVD
NVD
added 2015/08/16 11:59 p.m.14 views

CVE-2015-3752

The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive...

5CVSS6.7AI score0.02754EPSS
Exploits0References8
Prion
Prion
added 2015/08/16 11:59 p.m.26 views

Cross site request forgery (csrf)

The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive...

5CVSS5.7AI score0.02754EPSS
Exploits0References8Affected Software3
Rows per page
Query Builder