Download
| Alert*
oval:org.secpod.oval:def:2103401
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:505664 Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 68.0.3440.75. Security Fix: * chromium-browser: Stack buffer overflow in Skia * chromium-browser: Heap buffer overflow in WebGL * chromium-browser: Use after free in WebRTC * chromium-browser: Hea ... oval:org.secpod.oval:def:46827 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:46821 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:53380 Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-4117 AhsanEjaz discovered an information leak. Rob Wu discovered a way to escalate privileges using extensions. CVE-2018-6150 Rob Wu discovered an information disclosure issue . CVE-2018-6151 Rob Wu discovered an issu ... oval:org.secpod.oval:def:115022 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:46789 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:603469 Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-4117 AhsanEjaz discovered an information leak. Rob Wu discovered a way to escalate privileges using extensions. CVE-2018-6150 Rob Wu discovered an information disclosure issue . CVE-2018-6151 Rob Wu discovered an issu ... oval:org.secpod.oval:def:46752 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:115120 Chromium is an open-source web browser, powered by WebKit . oval:org.secpod.oval:def:44802 The host is missing a security update according to Apple advisory, APPLE-SA-2018-3-29-8. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sensi ... oval:org.secpod.oval:def:2001407 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows ... oval:org.secpod.oval:def:46817 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to disclose sensitive information. oval:org.secpod.oval:def:44801 The host is installed with Apple iCloud before 7.4, Apple iTunes before 12.7.4 or Google Chrome before 68.0.3440.75 and is prone to a cross-origin information disclosure vulnerability. A flaw is present in the application, which fails to properly perform input validation. Successful exploitation cou ... oval:org.secpod.oval:def:44803 The host is missing a security update according to Apple advisory, APPLE-SA-2018-3-29-7. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sensi ... oval:org.secpod.oval:def:44830 The host is installed with Apple Safari before 11.1 or Google Chrome before 68.0.3440.75 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle a maliciously crafted web content. Successful exploitation may lead to a denial of service ... oval:org.secpod.oval:def:44831 The host is missing a security update according to Apple advisory, APPLE-SA-2018-3-29-6. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly perform input validation. Successful exploitation could allow attackers to disclose sensi ... oval:org.secpod.oval:def:704062 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:46823 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:52040 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK+. oval:org.secpod.oval:def:46785 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to disclose sensitive information. oval:org.secpod.oval:def:46780 The host is installed with Google Chrome before 68.0.3440.75 and is prone to a cross origin information leak vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:89002542 This update for webkit2gtk3 to version 2.20.3 fixes the issues: The following security vulnerabilities were addressed: - CVE-2018-12911: Fixed an off-by-one error in xdg_mime_get_simple_globs - CVE-2017-13884: An unspecified issue allowed remote attackers to execute arbitrary code or cause a denial ... |