Download
| Alert*
|
oval:org.secpod.oval:def:98305
The host is missing a security update according to the Apple advisory and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows attackers to gain access to sensitive information or execute arbitr ... oval:org.secpod.oval:def:98362 The host is installed with Apple Mac OS 14 before 14.4 or Apple Safari before 17.4 on Apple Mac OS 12, or Apple Mac OS 13 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle issues in improved validation. On successful explo ... oval:org.secpod.oval:def:127456 WebKitGTK is the port of the WebKit web rendering engine to the GTK platform. oval:org.secpod.oval:def:127388 WebKitGTK is the port of the WebKit web rendering engine to the GTK platform. oval:org.secpod.oval:def:89051954 This update for webkit2gtk3 fixes the following issues: * Update to version 2.44.2 * CVE-2024-27834: Fixed a vulnerability where an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication oval:org.secpod.oval:def:98308 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues in various components. Successful exploitation allow attackers to execute arbitrary, cause denial ... oval:org.secpod.oval:def:708876 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:89051750 This update for webkit2gtk3 fixes the following issues: * CVE-2024-23252: Fixed denial of service via crafted web content . * CVE-2024-23254: Fixed possible audio data exilftration cross-origin via malicious website . * CVE-2024-23263: Fixed lack of Content Security Policy enforcing via malicious cr ... oval:org.secpod.oval:def:10000589 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-42843 Kacper Kwapisz discovered that visiting a malicious website may lead to address bar spoofing. CVE-2023-42950 Nan Wang and Rushikesh Nandedkar discovered that processing maliciously crafted web content may ... oval:org.secpod.oval:def:613083 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-42843 Kacper Kwapisz discovered that visiting a malicious website may lead to address bar spoofing. CVE-2023-42950 Nan Wang and Rushikesh Nandedkar discovered that processing maliciously crafted web content may ... oval:org.secpod.oval:def:99583 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:128311 WebKitGTK is the port of the WebKit web rendering engine to the GTK platform. This package contains WebKitGTK for GTK 3 and libsoup 2. oval:org.secpod.oval:def:89051747 This update for webkit2gtk3 fixes the following issues: * CVE-2024-23252: Fixed denial of service via crafted web content . * CVE-2024-23254: Fixed possible audio data exilftration cross-origin via malicious website . * CVE-2024-23263: Fixed lack of Content Security Policy enforcing via malicious cr ... oval:org.secpod.oval:def:89051759 webkit2gtk3 was updated to fix the following issues: Update to version 2.44.0 : * CVE-2024-23252: Credit to anbu1024 of SecANT. Impact: Processing web content may lead to a denial-of-service. Description: The issue was addressed with improved memory handling. * CVE-2024-23254: Credit to James Lee . ... |
