Showing 1 - 7 of 7

CVE-2024-23254

Status Candidate

Overview

The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, Safari 17.4. A malicious website may exfiltrate audio data cross-origin.

Related Files

Gentoo Linux Security Advisory 202407-13: Posted Jul 5, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202407-13 - Multiple vulnerabilities have been discovered in WebKitGTK+, the worst of which could lead to arbitrary code execution Versions greater than or equal to 2.44.0:4 are affected.; tags | advisory, arbitrary, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2014-1745, CVE-2023-40414, CVE-2023-42833, CVE-2023-42843, CVE-2023-42950, CVE-2023-42956, CVE-2024-23206, CVE-2024-23213, CVE-2024-23222, CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23280, CVE-2024-23284; SHA-256 | 000116d17b432cee3f3da4f7a2b479c1070982a1c552d9d8389d7db84427050b; Download | Favorite | View

Debian Security Advisory 5684-1: Posted May 9, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5684-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Kacper Kwapisz discovered that visiting a malicious website may lead to address bar spoofing. Nan Wang and Rushikesh Nandedkar discovered that processing maliciously crafted web content may lead to arbitrary code execution. SungKwon Lee discovered that processing web content may lead to a denial-of-service. Various other issues were also addressed.; tags | advisory, web, arbitrary, spoof, vulnerability, code execution; systems | linux, debian; advisories | CVE-2023-42843, CVE-2023-42950, CVE-2023-42956, CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23280, CVE-2024-23284; SHA-256 | 6e9bc12028378c36947c0cc1d5a1b5f2cd1a6e3c69e4d33ee6a4c62e19d93ae3; Download | Favorite | View

Ubuntu Security Notice USN-6732-1: Posted Apr 16, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6732-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.; tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss; systems | linux, ubuntu; advisories | CVE-2023-42843, CVE-2024-23254; SHA-256 | de34dd341ebb6d403b4c828166ceeda34879902207f833c29fa8ffd18d7ee2ad; Download | Favorite | View

Apple Security Advisory 03-07-2024-7: Posted Mar 14, 2024; Authored by Apple | Site apple.com; Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.; tags | advisory, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2024-23220, CVE-2024-23225, CVE-2024-23226, CVE-2024-23235, CVE-2024-23246, CVE-2024-23254, CVE-2024-23257, CVE-2024-23258, CVE-2024-23262, CVE-2024-23263, CVE-2024-23264, CVE-2024-23265, CVE-2024-23284, CVE-2024-23286; SHA-256 | bb37d3d885c05665df5e0348f90e65516bd9024d109db00efe75183960a1ab40; Download | Favorite | View

Apple Security Advisory 03-07-2024-6: Posted Mar 14, 2024; Authored by Apple | Site apple.com; Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.; tags | advisory, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2022-48554, CVE-2024-0258, CVE-2024-23225, CVE-2024-23226, CVE-2024-23235, CVE-2024-23239, CVE-2024-23241, CVE-2024-23246, CVE-2024-23250, CVE-2024-23254, CVE-2024-23263, CVE-2024-23264, CVE-2024-23265, CVE-2024-23270; SHA-256 | 75dbd070cadb95c190fb2c3e720880078476efddd8b02e812bc1c594dfa6e86f; Download | Favorite | View

Apple Security Advisory 03-07-2024-5: Posted Mar 14, 2024; Authored by Apple | Site apple.com; Apple Security Advisory 03-07-2024-5 - watchOS 10.4 addresses buffer overflow, bypass, and code execution vulnerabilities.; tags | advisory, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2022-48554, CVE-2024-0258, CVE-2024-23225, CVE-2024-23226, CVE-2024-23231, CVE-2024-23235, CVE-2024-23239, CVE-2024-23246, CVE-2024-23250, CVE-2024-23254, CVE-2024-23263, CVE-2024-23265, CVE-2024-23278, CVE-2024-23280; SHA-256 | 6df43170bd5fc352fd321acd5fe231d753158fd667fcbe6941a1ccefd16eb11a; Download | Favorite | View

Apple Security Advisory 03-07-2024-1: Posted Mar 14, 2024; Authored by Apple | Site apple.com; Apple Security Advisory 03-07-2024-1 - Safari 17.4 addresses denial of service, data exfiltration, and missing authentication vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | apple; advisories | CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23273, CVE-2024-23280, CVE-2024-23284; SHA-256 | 5bc0c85ddeab13d91cebaf39fefae7e5434a1407a66d5df1287ec20e5148e936; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 290 files
Ubuntu 63 files
Debian 20 files
Gentoo 8 files
Apple 6 files
LiquidWorm 4 files
Google Security Research 4 files
Alter Prime 3 files
Spencer McIntyre 3 files
Jann Horn 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2024-23254

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems