641 matches found
Fedora 25 : webkitgtk4 (2017-25ffd5b236)
Highlights of the 2.16.0 release : - Hardware acceleration is now enabled on demand to drastically reduce memory consumption. - CSS Grid Layout is enabled by default. - New WebKitSetting to set the hardware acceleration policy. - UI process API to configure network proxy settings. - Improved...
Fedora 24 : webkitgtk4 (2017-0f38995622)
Highlights of the 2.16.0 release : - Hardware acceleration is now enabled on demand to drastically reduce memory consumption. - CSS Grid Layout is enabled by default. - New WebKitSetting to set the hardware acceleration policy. - UI process API to configure network proxy settings. - Improved...
CVE-2016-4603
Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior...
CVE-2016-4603
Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior...
Design/Logic Flaw
Web Media in Apple iOS before 9.3.3 allows attackers to bypass the Private Browsing protection mechanism and obtain sensitive video URL information by leveraging Safari View Controller misbehavior...
Apple iOS CFNetwork HTTPProtocol Component Vulnerability
Apple iOS is an operating system for mobile devices developed by Apple Inc. The CFNetwork HTTPProtocol is one of the components used to send requests to create simple instances. A security vulnerability exists in the CFNetwork HTTPProtocol component in versions of Apple iOS prior to 9, which stem...
CVE-2015-5859
The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network...
Hardcoded credentials
The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly recognize the HSTS preload list during a Safari private-browsing session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network...
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss, xulrunner, seamonkey (important)
Mozilla Firefox was updated to version 42.0, fixing bugs and security issues. Mozilla xulrunner was updated to xulrunner 38.4.0. Seamonkey was updated to 2.39. New features in Mozilla Firefox: Private Browsing with Tracking Protection blocks certain Web elements that could be used to record your...
Mozilla 42 Brings Private Browsing with Tracking Protection Live
Mozilla has pushed a feature in Firefox live that allows users to block certain page elements while browsing privately. The feature, Private Browsing with Tracking Protection, previously available to beta users, blocks third party page elements, such as ads, social network buttons, analytics, and...
The vulnerability of the iOS operating system allows a hacker to bypass the security measures of the private browsing mode of the Safari browser and track down the user.
The vulnerability of the CFNetwork HTTP Protocol component in the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the security measures of the private browsing mode of the Safari browser and track users...
Apple iOS CFNetwork HTTPProtocol Component Information Disclosure Vulnerability
Apple iOS is an operating system developed by Apple for mobile devices. An information disclosure vulnerability exists in the Apple iOS CFNetwork HTTPProtocol component. Due to the program failing to properly handle HSTS state. A remote attacker can exploit this vulnerability via a specially...
CVE-2015-5860
The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site...
Hardcoded credentials
The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site...
CVE-2015-5860
CVE-2015-5860 affects the CFNetwork HTTPProtocol component in Apple iOS prior to 9. The root cause is a mishandling of HSTS state, which allows a remote attacker to bypass Safari private-browsing protections and track users via a crafted website. The vulnerability impact is described in the CVE e...
CVE-2015-5860
The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafted web site...
Apple Safari WebKit private-browsing information disclosure vulnerability
Apple Safari is an open source WEB browser. A security vulnerability exists in the private-browsing implementation of Apple Safari's WebKit, which can be exploited by a remote attacker to track a user with the help of a specially crafted Web site...
APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 is now available and addresses the following: Safari Application Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and O...
CVE-2015-3752
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive...
Cross site request forgery (csrf)
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive...