55 results (0.005 seconds)

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution. El problema se solucionó mejorando las comprobaciones. Este problema se solucionó en macOS Ventura 13.5. • http://www.openwall.com/lists/oss-security/2023/09/11/1 https://security.gentoo.org/glsa/202401-04 https://support.apple.com/en-us/HT213843 https://access.redhat.com/security/cve/CVE-2023-40397 https://bugzilla.redhat.com/show_bug.cgi?id=2238945 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail. Se abordó un problema de lógica con una comprobación mejorada. Este problema es corregido en macOS Ventura 13.3. • http://www.openwall.com/lists/oss-security/2023/09/11/1 https://security.gentoo.org/glsa/202401-04 https://support.apple.com/en-us/HT213670 https://access.redhat.com/security/cve/CVE-2023-32370 https://bugzilla.redhat.com/show_bug.cgi?id=2238944 •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution. Se ha solucionado un problema de use-after-free con una mejora en la gestión de memoria. Este problema se ha solucionado en iOS 16.4 y iPadOS 16.4, macOS Ventura 13.3. • http://www.openwall.com/lists/oss-security/2023/09/11/1 https://security.gentoo.org/glsa/202401-04 https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213676 https://access.redhat.com/security/cve/CVE-2023-28198 https://bugzilla.redhat.com/show_bug.cgi?id=2238943 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

A use-after-free vulnerability in WebCore::RenderLayer::updateDescendantDependentFlags in WebKitGTK before 2.36.8 allows attackers to execute code remotely. • http://www.openwall.com/lists/oss-security/2023/04/21/3 https://bugs.webkit.org/show_bug.cgi?id=242684 https://security.gentoo.org/glsa/202305-32 https://access.redhat.com/security/cve/CVE-2023-25363 https://bugzilla.redhat.com/show_bug.cgi?id=2175107 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. • http://www.openwall.com/lists/oss-security/2023/04/21/3 https://bugs.webkit.org/show_bug.cgi?id=244249 https://security.gentoo.org/glsa/202305-32 https://access.redhat.com/security/cve/CVE-2023-25361 https://bugzilla.redhat.com/show_bug.cgi?id=2175103 • CWE-416: Use After Free •