MiracleLinux 3 : firefox-10.0.12-1.0.1.AXS3, xulrunner-10.0.12-1.0.1.AXS3 (AXSA:2013-41:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-41:01 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this release...

Linux Distros Unpatched Vulnerability : CVE-2024-0748

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. Th...

CVE-2025-0748 Homey <= 2.4.3 - Cross-Site Request Forgery to User Verification

The Homey theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.3. This is due to missing or incorrect nonce validation on the 'homeyverifyusermanually' function. This makes it possible for unauthenticated attackers to update verify an user via a...

Oracle Linux 8 : container-tools:4.0 (ELSA-2024-0748)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0748 advisory. buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp oci-seccomp-bpf-hook...

RHSA-2024:0748

creationtimestamp| type| source ---|---|--- 2024-02-08 19:22:13+00:00| seen| https://t.me/ctinow/181565...

USN-6610-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-0741, CVE-2024-0742,...

Mozilla Firefox Security Advisory (MFSA2024-01) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2024-01. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

CVE-2024-0748

creationtimestamp| type| source ---|---|--- 2024-01-23 15:26:59+00:00| seen| https://t.me/ctinow/172037 2024-01-25 19:31:46+00:00| seen| https://t.me/ctinow/173724 2024-02-17 08:41:34+00:00| seen| https://t.me/ctinow/186811 2025-06-11 15:31:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18...

CVE-2024-0748

CVE-2024-0748 concerns Mozilla Firefox where a compromised content process could update the document URI, enabling an attacker to set an arbitrary URI in the address bar or history. The issue affects Firefox versions earlier than 122 and is addressed by Mozilla in MFSA2024-01, which notes fixes i...

CVE-2024-0748

A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox 122...

KLA63223 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information, execute arbitrary code, gain privileges, spoof user interface. Below is a complete list of...

@keystone-6/auth Open Redirect vulnerability

Summary There is an open redirect in the @keystone-6/auth package, where the redirect leading / filter can be bypassed. Impact Users may be redirected to domains other than the relative host, thereby it might be used by attackers to re-direct users to an unexpected location. Mitigations - Don't u...

GHSA-JQXR-VJVV-899M @keystone-6/auth Open Redirect vulnerability

Summary There is an open redirect in the @keystone-6/auth package, where the redirect leading / filter can be bypassed. Impact Users may be redirected to domains other than the relative host, thereby it might be used by attackers to re-direct users to an unexpected location. Mitigations - Don't u...

SUSE CVE-2004-0748

modssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service CPU consumption by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop...

CVE-2023-0748

creationtimestamp| type| source ---|---|--- 2023-02-08 18:25:04+00:00| seen| Telegram/ooxsNd8JGjVbkZUy3MaQAYlpbe9MvWLP0xsr4AwL5S66co...

CVE-2023-0748

Open Redirect vulnerability CVE-2023-0748 affects the btcpayserver/btcpayserver project prior to version 1.7.6. Multiple connected documents (NVD, Red Hat advisory, CVE listing, OSV) consistently describe an Open Redirect in that repository/version. The materials provided do not include root-caus...

CVE-2023-0748 Open Redirect in btcpayserver/btcpayserver

Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6...

@kamilic-pkg/toolbox (>=1.0.0 <=1.1.0), @q7/cli (>=0.0.2 <=0.2.0) +8 more potentially affected by CVE-2022-0748 via post-loader (>=1.1.2 <=2.0.0)

post-loader NPM version =1.1.2, =1.0.0, =0.0.2, =0.0.2, =0.1.0, =0.0.4, =0.0.1, =2.6.21, =0.0.2, =0.0.4 Source cves: CVE-2022-0748 Source advisory: OSV:GHSA-66WW-999Q-MFFQ...

CVE-2022-0748 Arbitrary Code Execution

The package post-loader from 0.0.0 are vulnerable to Arbitrary Code Execution which uses a markdown parser in an unsafe way so that any javascript code inside the markdown input files gets evaluated and executed...

CVE-2022-0748

CVE-2022-0748 affects the post-loader package (Webpack loader for Markdown blog posts). The root cause is unsafe handling of a Markdown parser which allows JavaScript in Markdown inputs to be evaluated and executed, enabling arbitrary code execution. Affected versions are 0.0.0 and later. Public ...