Download
| Alert*
oval:org.secpod.oval:def:89051043
This update for webkit2gtk3 ships missing Lang packages to SUSE Linux Enterprise 15 SP4 and SP5. Security fixes: * CVE-2023-41993: Fixed an issue where processing malicious web content could have lead to arbitrary code execution . * CVE-2023-39928: Fixed a use-after-free that could be exploited to e ... oval:org.secpod.oval:def:93503 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... oval:org.secpod.oval:def:95233 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-39928 Marcin Noga discovered that a specially crafted web page can abuse a vulnerability in the MediaRecorder API to cause memory corruption and potentially arbitrary code execution. CVE-2023-41074 Junsung Lee a ... oval:org.secpod.oval:def:99336 The host is installed with Oracle Java SE through 8u401 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (WebKitGTK). Successful exploitation allows attackers to affect confidentiality, integrity and availability. oval:org.secpod.oval:def:99347 The host is installed with Oracle Java SE through 8u401 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (WebKitGTK). Successful exploitation allows attackers to affect confidentiality, integrity and availability. oval:org.secpod.oval:def:93368 The host is missing a security update according to the Apple advisory and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows attackers to gain access to sensitive information or execute arbitr ... oval:org.secpod.oval:def:96413 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:93290 The host is installed with Oracle Java SE through 8u401 or Apple Safari before 16.6.1 on Apple Mac OS 11, Apple Mac OS 12, or Apple Safari before 17.0 on Apple Mac OS 13, or Apple Mac OS before 14.0 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, whic ... oval:org.secpod.oval:def:612733 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-39928 Marcin Noga discovered that a specially crafted web page can abuse a vulnerability in the MediaRecorder API to cause memory corruption and potentially arbitrary code execution. CVE-2023-41074 Junsung Lee a ... oval:org.secpod.oval:def:99232 The host is installed with Oracle Java SE through 8u401 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (WebKitGTK). Successful exploitation allows attackers to affect confidentiality, integrity and availability. oval:org.secpod.oval:def:93295 The host is missing a security update according to Apple advisory. The update is required to fix a privilege escalation vulnerability. A flaw is present in the application, which fails to handle issues in improved checks. Successful exploitation may lead to arbitrary code execution. oval:org.secpod.oval:def:99352 The host is installed with Oracle Java SE through 8u401 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (WebKitGTK). Successful exploitation allows attackers to affect confidentiality, integrity and availability. oval:org.secpod.oval:def:89051008 This update for webkit2gtk3 fixes the following issues: * CVE-2023-41993: Fixed an issue where processing malicious web content could have lead to arbitrary code execution . * CVE-2023-39928: Fixed a use-after-free that could be exploited to execute arbitrary code when visiting a malicious webpage . ... oval:org.secpod.oval:def:89051019 This update for webkit2gtk3 fixes the following issues: * CVE-2023-41993: Fixed an issue where processing malicious web content could have lead to arbitrary code execution . * CVE-2023-39928: Fixed a use-after-free that could be exploited to execute arbitrary code when visiting a malicious webpage . ... oval:org.secpod.oval:def:126205 WebKitGTK is the port of the WebKit web rendering engine to the GTK platform. oval:org.secpod.oval:def:126315 WebKitGTK is the port of the WebKit web rendering engine to the GTK platform. oval:org.secpod.oval:def:708516 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:1702054 Impact: Visiting a website that frames malicious content may lead to UI spoofing.Description: The issue was addressed with improved UI handling. A website may be able to track the websites a user visited in Safari private browsing mode. A spoofing issue existed in the handling of URLs. This issue wa ... |