Download
| Alert*
oval:org.secpod.oval:def:42204
The host is installed with Apple Safari before 11 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to properly handle crafted web content. Successful exploitation may lead attackers to a cross site scripting attack. oval:org.secpod.oval:def:1800619 CVE-2017-7087¶ Versions affected: WebKitGTK+ before 2.18.0Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7089¶ Versions affected: WebKitGTK+ befor ... oval:org.secpod.oval:def:42207 The host is missing a security update according to Apple advisory, APPLE-SA-2017-09-25-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle website data in Safari Private windows. Successful exploitation allow attackers t ... oval:org.secpod.oval:def:42185 The host is missing a security update according to Apple advisory, APPLE-SA-2017-09-25-8. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:51922 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:42184 The host is missing a security update according to Apple advisory, APPLE-SA-2017-09-25-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:42183 The host is installed with Apple iCloud before 7.0 or iTunes before 12.7 and is prone to a cross site script vulnerability. A flaw is present in the application, which fails to properly handle malicious website. Successful exploitation may lead to a cross site scripting attack. oval:org.secpod.oval:def:703863 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:89002298 This update for webkit2gtk3 fixes the following issues: Update to version 2.18.5: + Disable SharedArrayBuffers from Web API. + Reduce the precision of quot;highquot; resolution time to 1ms. + bsc#1075419 - Security fixes: includes improvements to mitigate the effects of Spectre and Meltdown . Update ... |