Download
| Alert*
|
oval:org.secpod.oval:def:2000258
WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari Technology Preview Release 46, allows remote attackers to cause a denial of service or possibly have unspecified other impact because it calls the FastBitVectorWordOwner::resizeSlow function for a purpose other than initializing a bitvect ... oval:org.secpod.oval:def:605220 libwebkit2gtk-4.0-dev is installed oval:org.secpod.oval:def:603714 libwebkit2gtk-4.0-dev is installed oval:org.secpod.oval:def:69821 The update for libwebkit2gtk-4.0-dev released as 4797-1 introduced a regression with the WebSockets functionality. Updated libwebkit2gtk-4.0-dev packages are now available to correct this issue. oval:org.secpod.oval:def:2000250 WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object. oval:org.secpod.oval:def:71223 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-27918 Liu Long discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-29623 Simon Hunt discovered that users may be unable to fully delete their bro ... oval:org.secpod.oval:def:78157 The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2021-30934 Dani Biro discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-30936 Chijin Zhou discovered that processing maliciously crafted web content may lead to ... oval:org.secpod.oval:def:2000553 webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash. oval:org.secpod.oval:def:2000947 WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections. oval:org.secpod.oval:def:2000016 WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be deanonymized by craf ... oval:org.secpod.oval:def:69872 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-13558 Marcin Noga discovered that processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2004993 "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. oval:org.secpod.oval:def:2004995 This CVE is missing description oval:org.secpod.oval:def:2004982 An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. oval:org.secpod.oval:def:2005018 WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video , an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. oval:org.secpod.oval:def:2001099 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. oval:org.secpod.oval:def:2001252 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. oval:org.secpod.oval:def:2001096 In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks. oval:org.secpod.oval:def:2000096 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. oval:org.secpod.oval:def:2000193 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. oval:org.secpod.oval:def:2000630 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. oval:org.secpod.oval:def:2000683 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:2001499 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:2000026 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:2000909 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:2000468 An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" componen ... oval:org.secpod.oval:def:69802 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2019-8835 An anonymous researcher discovered that maliciously crafted web content may lead to arbitrary code execution. CVE-2019-8844 William Bowling discovered that maliciously crafted web content may le ... oval:org.secpod.oval:def:2004998 A logic issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cros ... oval:org.secpod.oval:def:2004997 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2004999 A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously craft ... oval:org.secpod.oval:def:2005050 A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. oval:org.secpod.oval:def:2005052 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitra ... oval:org.secpod.oval:def:2005051 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may le ... oval:org.secpod.oval:def:2005054 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may le ... oval:org.secpod.oval:def:2005053 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitra ... oval:org.secpod.oval:def:2005056 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitra ... oval:org.secpod.oval:def:2005055 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitra ... oval:org.secpod.oval:def:2005058 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005057 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitra ... oval:org.secpod.oval:def:2005059 A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may disclose sensitive user information. oval:org.secpod.oval:def:2004989 This CVE is missing description oval:org.secpod.oval:def:2004988 This CVE is missing description oval:org.secpod.oval:def:2005041 A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. oval:org.secpod.oval:def:2005043 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to ... oval:org.secpod.oval:def:2005042 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary co ... oval:org.secpod.oval:def:2004990 A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory. oval:org.secpod.oval:def:2005045 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary co ... oval:org.secpod.oval:def:2005044 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary co ... oval:org.secpod.oval:def:2004992 A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005047 A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to universal cross site scripting. oval:org.secpod.oval:def:2004991 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005046 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005049 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005048 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2004996 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2004976 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2004975 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitra ... oval:org.secpod.oval:def:2004978 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2004977 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary co ... oval:org.secpod.oval:def:2004979 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005030 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitra ... oval:org.secpod.oval:def:2005032 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005031 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005034 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005033 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2004981 An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process m ... oval:org.secpod.oval:def:2005036 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2004980 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code ex ... oval:org.secpod.oval:def:2005035 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2004983 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005038 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code ex ... oval:org.secpod.oval:def:2005037 A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. oval:org.secpod.oval:def:2004984 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005039 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code ex ... oval:org.secpod.oval:def:2005019 A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious website may be able to execute scripts in the context of another website. oval:org.secpod.oval:def:2004969 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2004968 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code ex ... oval:org.secpod.oval:def:2005020 A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. oval:org.secpod.oval:def:2005023 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary co ... oval:org.secpod.oval:def:2004970 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005025 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005024 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to ... oval:org.secpod.oval:def:2004972 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005027 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary co ... oval:org.secpod.oval:def:2004971 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005026 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary co ... oval:org.secpod.oval:def:2004974 A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing malicious ... oval:org.secpod.oval:def:2005029 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may le ... oval:org.secpod.oval:def:2004973 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005028 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to ... oval:org.secpod.oval:def:2005009 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitra ... oval:org.secpod.oval:def:2005008 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may le ... oval:org.secpod.oval:def:2005010 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitra ... oval:org.secpod.oval:def:2005012 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005011 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005014 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005013 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005016 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005015 A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005017 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:604841 The following vulnerability has been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-3885 Ryan Pickren discovered that a file URL may be incorrectly processed. CVE-2020-3894 Sergei Glazunov discovered that a race condition may allow an application to read restricted memory. CVE-2020-38 ... oval:org.secpod.oval:def:2005001 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005000 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005003 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may le ... oval:org.secpod.oval:def:2005002 This CVE is missing description oval:org.secpod.oval:def:2005005 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitra ... oval:org.secpod.oval:def:2005004 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may le ... oval:org.secpod.oval:def:2005007 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may le ... oval:org.secpod.oval:def:2005006 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitra ... oval:org.secpod.oval:def:2004987 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code ... oval:org.secpod.oval:def:2004986 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2005040 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:2004985 A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. oval:org.secpod.oval:def:2005021 This CVE is missing description oval:org.secpod.oval:def:95237 The webkit2gtk update released as 5527-1 introduced a regression that is causing programs such as yelp, liferea or gnucash to stop working in certain cases. oval:org.secpod.oval:def:605787 The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2021-30934 Dani Biro discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-30936 Chijin Zhou discovered that processing maliciously crafted web content may lead to ... oval:org.secpod.oval:def:88397 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-32893 An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. oval:org.secpod.oval:def:88593 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:605955 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-22589 Heige and Bo Qu discovered that processing a maliciously crafted mail message may lead to running arbitrary javascript. CVE-2022-22590 Toan Pham discovered that processing maliciously crafted web content m ... oval:org.secpod.oval:def:80394 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-22624 Kirin discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-22628 Kirin discovered that Processing maliciously crafted web content may lead to arbitrary ... oval:org.secpod.oval:def:607887 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-26700 ryuzaki discovered that processing maliciously crafted web content may lead to code execution. CVE-2022-26709 Chijin Zhou discovered that processing maliciously crafted web content may lead to arbitrary co ... oval:org.secpod.oval:def:88536 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:88377 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-22677 An anonymous researcher discovered that the video in a webRTC call may be interrupted if the audio capture gets interrupted. CVE-2022-26710 Chijin Zhou discovered that processing maliciously crafted web co ... oval:org.secpod.oval:def:605473 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2020-27918 Liu Long discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2020-29623 Simon Hunt discovered that users may be unable to fully delete their bro ... oval:org.secpod.oval:def:88362 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-26700 ryuzaki discovered that processing maliciously crafted web content may lead to code execution. CVE-2022-26709 Chijin Zhou discovered that processing maliciously crafted web content may lead to arbitrary co ... oval:org.secpod.oval:def:2000204 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ... oval:org.secpod.oval:def:2000464 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ... oval:org.secpod.oval:def:2001407 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows ... oval:org.secpod.oval:def:2000099 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ... oval:org.secpod.oval:def:2000406 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:2000883 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers ... oval:org.secpod.oval:def:2001604 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:2001292 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ... oval:org.secpod.oval:def:2000761 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ... oval:org.secpod.oval:def:2000518 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:2000877 The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which could ... oval:org.secpod.oval:def:2000728 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers ... oval:org.secpod.oval:def:2000168 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:2000156 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:2000389 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:2001360 An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL. oval:org.secpod.oval:def:2001122 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:2001104 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ... oval:org.secpod.oval:def:2000807 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:2000926 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:2000021 An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers ... oval:org.secpod.oval:def:2001460 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:2000930 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" compone ... oval:org.secpod.oval:def:2001325 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers ... oval:org.secpod.oval:def:2001331 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the "WebKit" component. It allows remote attackers t ... oval:org.secpod.oval:def:2000910 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves a JavaScriptCore fun ... oval:org.secpod.oval:def:2000696 WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c. oval:org.secpod.oval:def:2000536 In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, multiple memory corruption issues were addressed with improved memory handling. oval:org.secpod.oval:def:2001389 In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking. oval:org.secpod.oval:def:2001033 An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" com ... oval:org.secpod.oval:def:88388 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-32792 Manfred Paul discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2022-32816 Dohyun Lee discovered that visiting a website that frames malicious content may ... oval:org.secpod.oval:def:88575 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:605665 The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2021-30846 Sergei Glazunov discovered that processing maliciously crafted web content may lead to arbitrary code execution CVE-2021-30851 Samuel Gross discovered that processing maliciously crafted web content may l ... oval:org.secpod.oval:def:95158 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-28204 An anonymous researcher discovered that processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. CVE-2023-32373 An anonymous r ... oval:org.secpod.oval:def:95171 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-32439 An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. oval:org.secpod.oval:def:95184 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-38133 YeongHyeon Choi discovered that processing web content may disclose sensitive information. CVE-2023-38572 Narendra Bhati discovered that a website may be able to bypass the Same Origin Policy. CVE-2023-385 ... oval:org.secpod.oval:def:708360 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:95177 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-37450 An anonymous researcher discovered that processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. oval:org.secpod.oval:def:74567 The following vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2021-21775 Marcin Towalski discovered that a specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be tric ... oval:org.secpod.oval:def:96927 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-42916 Clement Lecigne discovered that processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. CVE-2023-42917 Clement Lecigne discov ... oval:org.secpod.oval:def:612866 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-42916 Clement Lecigne discovered that processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. CVE-2023-42917 Clement Lecigne discov ... oval:org.secpod.oval:def:708596 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:96450 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:96787 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:708654 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:93330 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-0108 Luan Herrera discovered that an HTML document may be able to render iframes with sensitive user information. CVE-2022-32885 P1umer and Q1IQ discovered that processing maliciously crafted web content may lea ... oval:org.secpod.oval:def:708126 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:91477 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:708334 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:708704 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:96933 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-42883 The Zoom Offensive Security Team discovered that processing a SVG image may lead to a denial-of-service. oval:org.secpod.oval:def:612872 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-42883 The Zoom Offensive Security Team discovered that processing a SVG image may lead to a denial-of-service. oval:org.secpod.oval:def:708753 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:98515 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2024-23206 An anonymous researcher discovered that a maliciously crafted webpage may be able to fingerprint the user. CVE-2024-23213 Wangtaiyu discovered that processing web content may lead to arbitrary code executi ... oval:org.secpod.oval:def:98661 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:98706 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:707874 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:88652 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:88447 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42852 hazbinhotel discovered that processing maliciously crafted web content may result in the disclosure of process memory. CVE-2022-42856 Clement Lecigne discovered that processing maliciously crafted web cont ... oval:org.secpod.oval:def:707739 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:88427 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42799 Jihwan Kim and Dohyun Lee discovered that visiting a malicious website may lead to user interface spoofing. CVE-2022-42823 Dohyun Lee discovered that processing maliciously crafted web content may lead to ... oval:org.secpod.oval:def:610243 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42799 Jihwan Kim and Dohyun Lee discovered that visiting a malicious website may lead to user interface spoofing. CVE-2022-42823 Dohyun Lee discovered that processing maliciously crafted web content may lead to ... oval:org.secpod.oval:def:708876 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:99583 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:2005022 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:69776 Several vulnerabilities have been discovered in the libwebkit2gtk-4.0-dev web engine: CVE-2019-8625 Sergei Glazunov discovered that maliciously crafted web content may lead to universal cross site scripting. CVE-2019-8720 Wen Xu discovered that maliciously crafted web content may lead to arbitrary c ... oval:org.secpod.oval:def:2004994 Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. oval:org.secpod.oval:def:89352 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-23529 An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. oval:org.secpod.oval:def:89471 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:612733 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-39928 Marcin Noga discovered that a specially crafted web page can abuse a vulnerability in the MediaRecorder API to cause memory corruption and potentially arbitrary code execution. CVE-2023-41074 Junsung Lee a ... oval:org.secpod.oval:def:95233 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-39928 Marcin Noga discovered that a specially crafted web page can abuse a vulnerability in the MediaRecorder API to cause memory corruption and potentially arbitrary code execution. CVE-2023-41074 Junsung Lee a ... oval:org.secpod.oval:def:96413 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. oval:org.secpod.oval:def:89341 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42826 Francisco Alonso discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2023-23517 YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae and Dohyun ... oval:org.secpod.oval:def:610378 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42826 Francisco Alonso discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2023-23517 YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae and Dohyun ... oval:org.secpod.oval:def:89455 webkit2gtk: Web content engine library for GTK+ Several security issues were fixed in WebKitGTK. |
