Security
Headlines
HeadlinesLatestCVEs

Tag

#webkit

CVE-2022-32824: About the security content of tvOS 15.6

The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.

CVE
Open in Source
#web#ios#apple#google#buffer_overflow#auth#zero_day#webkit#wifi
CVE-2022-46723: About the security content of macOS Monterey 12.6.1

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A remote user may be able to write arbitrary files.

CVE-2022-32784: About the security content of Safari 15.6

The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data.

CVE-2022-22668: About the security content of iOS 15.4 and iPadOS 15.4

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious application may be able to leak sensitive user information.

CVE-2023-23529: About the security content of Safari 16.3

A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited..

CVE-2023-23514: About the security content of iOS 16.3.1 and iPadOS 16.3.1

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1. An app may be able to execute arbitrary code with kernel privileges..

CVE-2023-23522: About the security content of macOS Ventura 13.2.1

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data..

Ubuntu Security Notice USN-5893-1

Ubuntu Security Notice 5893-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

CVE-2023-1037: bug_report/SQLi-1.md at main · nightcloudos/bug_report

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /APR/login.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221795.

CVE-2023-1036: bug_report/XSS-1.md at main · nightcloudos/bug_report

A vulnerability was found in SourceCodester Dental Clinic Appointment Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /APR/signup.php of the component POST Parameter Handler. The manipulation of the argument firstname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221794 is the identifier assigned to this vulnerability.