WebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities that can lead to code execution. Multiple versions are affected.
3cb5fdcd6bc0ec5fd603824f6ca990d828d8b0a217586bb8ab36b7bb300e82c5The WSAQuerySocketSecurity API returns full anonymous impersonation tokens for connected peers in an AppContainer leading to a sandbox escape.
7067265a29081b6a7514db42489f78ae1ae9ee5b818ed3098e7c76170efc1909WebKitGTK+ and WPE WebKit suffer from denial of service, logic, and code execution vulnerabilities. Versions affected include WebKitGTK before 2.26.4 and WPE WebKit before 2.26.4.
f26a8511f96186c2554509eee0dedd35c54b0bc46935f8eb82d173fec60fb098WebKitGTK+ and WPE WebKit suffer from multiple memory handling vulnerabilities that can result in arbitrary code execution. Versions affected include WebKitGTK before 2.26.3 and WPE WebKit before 2.26.3.
49d9b917bde52bfa1ef44d4f7b3b0a13d87e7690393d7e1149a85ed103b0bdb2Wondershare Application Framework Service suffers from a WsAppService unquoted service path vulnerability.
bce314256095db221eb921e331d764a0dacdd555ab91283b42fbf00444c845b5WebKitGTK+ and WPE WebKit suffer from code execution, universal cross site scripting, and memory corruption vulnerabilities. Multiple versions are affected.
e942f161feb7c2ca30eb995ee4e9dcd5afccf820c672b47f99da8302c18074e6WebKitGTK+ and WPE WebKit suffer from code execution, universal cross site scripting, and memory corruption vulnerabilities. Multiple versions are affected.
717a870dd2bc0256ddcda1abe745089002e9d297d7a372d49f1407bce3834e9dWebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities and various other issues that can lead to code execution. Multiple versions are affected.
fc77f6adb81f44a3ceb47bcf986c7857a13278c42b77786d3bf874042831015cWebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities and various other issues that can lead to code execution. Multiple versions are affected.
32368129173c12e77d456af213631d9cc7d26931f8663deec91ae1ff60354a8dWebKitGTK+ and WPE WebKit suffer from multiple memory corruption vulnerabilities that can lead to code execution.
a7ec001ae70f4424c933c3e526ad4f1f1edfb80ffe8e45ec92f1ffebddd58f71WebKitGTK+ and WPE WebKit suffer from code execution, cross site scripting, and various other vulnerabilities.
767e5dec630fcfe59774e5347356e1118ee764c436f4980d89aeec4248315329WebKitGTK+ and WPE WebKit suffers from code execution and assertion vulnerabilities.
074495996da503e304d7d485682ef3659399f18a284e682b03e480a897dd6754WebKitGTK+ and WPE WebKit suffers from buffer overflow, code execution, and denial of service vulnerabilities.
77a5be3e45d043d1e2a8004712d6e668b563c35c03fb45069404b1da867cde1dSeveral vulnerabilities were discovered in WebKitGTK+ and WPE WebKit that can lead to leaking of sensitive data, code execution, and more. Various 2.20.x versions are affected.
c0220c58b288dbb3089fcc06182e86efa1aa62220a826e40338a53ed4207e04aWebKitGTK+ versions prior to 2.20.0, 2.20.1, and 2.20.1 suffer from various memory corruption vulnerabilities.
a39a26b4f8a5581b6a4765e55261987ad531281dc1931b38e1e951b11f824539WebKitGTK+ versions prior to 2.20.0 suffer from various memory corruption vulnerabilities.
c53354b945d78b1f0dbc2bf520b8c3a0b6c899f69af44631165c1d7f0a375e5dThe Oracle WebLogic WLS WSAT component is vulnerable to an XML deserialization remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0.
4ec37da27b4c2bc377cee005689b9de7e837a03542a60ce1130758c857cb9228WebKitGTK+ versions 2.18.x suffer from various memory corruption, user interface spoofing, and code execution vulnerabilities.
d4e7bccd0f285c7927463b7aecd4699b02c7859eca96da95b7af180acddb67f8WebKitGTK+ versions before 2.18.5 suffer from various CPU issues. Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker via a side-channel analysis.
43c0fb7f7af52d9932f66c052acb43b9fd23bbf87445e293c5c55aeb7464f02cWebKitGTK+ has had numerous security vulnerabilities addressed including arbitrary code execution and memory corruption.
fead0c4eb118bd38f70f7e7d3e2290c98580a0c930a42ee2243409a3cd3668c5WebKitGTK+ has had numerous security vulnerabilities addressed including arbitrary code execution, memory corruption, cookie theft, and various other issues.
3a18e3f692c17224ea98fd036f7468cb2c7bfb6852fc969ed1c8f78cbe39dd1dWebKitGTK+ suffers from code execution, denial of service, memory corruption, and various other vulnerabilities.
5804f630eaa2c72cacab41b2ccd9870e1e516c016780bc40df3a5bcae7ed2a44WebKitGTK+ has been updated to address a large quantity of vulnerabilities ranging from memory corruption to arbitrary code execution.
df60b93cf570a4f73123a64b2850f9720b93f0c2cd77cfefa61c6ae8b3005102WebKitGTK+ suffers from same-origin bypass, information disclosure, memory corruption, and various other vulnerabilities.
c93c90aa095a8005973c2738f5cdc52a381cac0a35ec331ae2bb11cdd652f0a6WebKitGTK+ versions prior to 2.12.3 and 2.12.1 suffer from memory corruption, code execution, information disclosure, and denial of service vulnerabilities.
ed3b878265e2eac705c28e5a41e795719a9e61d8a59b0c6cf7447c33a10a314dCisco Security Advisory - A vulnerability in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) when the software handles a specific HTTP response code could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance because the appliance runs out of system memory. The vulnerability occurs because the software does not free client and server connection memory and system file descriptors when a certain HTTP response code is received in the HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition because the appliance runs out of system memory. When this happens, the device can no longer accept new incoming connection requests. Cisco has released software updates that address this vulnerability. A workaround that addresses this vulnerability is also available.
b11575ce8d127f5df49b01eb0c86396ad5782f7a7e0f3bdae2fdeb9a80362008
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed