Astra Linux - уязвимость в firefox, thunderbird

Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 112 and Firefox ESR 102.10. Some of these bugs exhibited signs of memory corruption, and we assume that...

Astra Linux - уязвимость в firefox

The HTML Sanitizer should have sanitized the href attribute of SVG use tags; however, it incorrectly did not sanitize the xlink:href attributes. This vulnerability affects Firefox versions earlier than 102...

Astra Linux - уязвимость в firefox

Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities in Firefox 101. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these vulnerabilities could have been exploited to execute arbitrary...

Astra Linux - уязвимость в firefox, thunderbird

If a PAC URL was set, and the server hosting the PAC was unreachable, OCSP requests would be blocked, resulting in incorrect error pages being displayed. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

[SECURITY] Fedora 42 Update: kernel-6.19.14-102.fc42

The kernel meta package...

Astra Linux - уязвимость в firefox

When downloading an update for an addon, the version of the downloaded addon update was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a previous version. This...

Astra Linux - уязвимость в firefox, thunderbird

Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 102. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefo...

Astra Linux - уязвимость в chromium

Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass the same-origin policy via a crafted clipboard content...

Astra Linux - уязвимость в thunderbird

An OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a digital signature, the email’s date will be displayed. If the dates are different, then Thunderbird does not report the email as having an invalid signature. I...

Astra Linux - уязвимость в firefox, thunderbird

An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

Astra Linux - уязвимость в firefox, thunderbird

A malicious website that could create a popup might resize the popup to overlay the address bar with its own content, causing potential confusion for users or leading to spoofing attacks. This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability...

Missing Origin Validation in WebSockets

Overview next is a react framework. Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets in the internal dev endpoint when the Origin header is set to null. An attacker can interact with internal development websocket traffic by connecting from...

Siemens SIMATIC and SIPLUS products Uncontrolled Resource Consumption (CVE-2025-40944)

Affected devices do not properly handle S7 protocol session disconnect requests. When receiving a valid S7 protocol Disconnect Request COTP DR TPDU on TCP port 102, the devices enter an improper session state. This could allow an attacker to cause the device to become unresponsive, leading to a...

CVE-2025-40944

A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0 All versions, SIMATIC ET 200MP IM 155-5 PN HF 6ES7155-5AA00-0AC0 All versions = V4.2.0, SIMATIC ET 200SP IM 155-6 MF HF 6ES7155-6MU00-0CN0 All versions, SIMATIC ET 200SP IM 155-6 PN HA incl. SIPLUS variants All...

CVE-2025-40944

A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0 All versions, SIMATIC ET 200MP IM 155-5 PN HF 6ES7155-5AA00-0AC0 All versions = V4.2.0, SIMATIC ET 200SP IM 155-6 MF HF 6ES7155-6MU00-0CN0 All versions, SIMATIC ET 200SP IM 155-6 PN HA incl. SIPLUS variants All...

PT-2026-2354

A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0 All versions, SIMATIC ET 200MP IM 155-5 PN HF 6ES7155-5AA00-0AC0 All versions = V4.2.0, SIMATIC ET 200SP IM 155-6 MF HF 6ES7155-6MU00-0CN0 All versions, SIMATIC ET 200SP IM 155-6 PN HA incl. SIPLUS variants All...

CVE-2019-18336

A vulnerability has been identified in SIMATIC S7-300 CPU family incl. related ET200 CPUs and SIPLUS variants All versions V3.X.17, SIMATIC TDC CP51M1 All versions V1.1.8, SIMATIC TDC CPU555 All versions V1.1.1, SINUMERIK 840D sl All versions V4.8.6, SINUMERIK 840D sl All versions V4.94. Speciall...

CVE-2021-33737

A vulnerability has been identified in SIMATIC CP 343-1 incl. SIPLUS variants All versions, SIMATIC CP 343-1 Advanced incl. SIPLUS variants All versions, SIMATIC CP 343-1 ERPC All versions, SIMATIC CP 343-1 Lean incl. SIPLUS variants All versions, SIMATIC CP 443-1 All versions V3.3, SIMATIC CP...

MAL-2025-192503 Malicious code in elf-stats-fuzzy-workbench-102 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6885087c0bc44815f87570e3ea126e735bb65b5f4cb443a1adc04915c7ac8959 The package elf-stats-fuzzy-workbench-102 was found to contain malicious code...

Malicious code in elf-stats-fuzzy-workbench-102 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6885087c0bc44815f87570e3ea126e735bb65b5f4cb443a1adc04915c7ac8959 The package elf-stats-fuzzy-workbench-102 was found to contain malicious code...