198 matches found
CVE-2024-24736
The POP3 service in YahooPOPs aka YPOPs! 1.6 allows a remote denial of service reboot via a long string to TCP port 110, a related issue to CVE-2004-1558...
CVE-2024-24736
The POP3 service in YahooPOPs aka YPOPs! 1.6 allows a remote denial of service reboot via a long string to TCP port 110, a related issue to CVE-2004-1558...
VulnCheck KEV: CVE-2018-25115
Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems...
North Korean Hacker Group Andariel Strikes with New EarlyRat Malware
The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in phishing attacks, adding another piece to the group's wide-ranging toolset. "Andariel infects machines by executing a Log4j exploit, which, in turn, downloads further malware from...
North Korean Hacker Group Andariel Strikes with New EarlyRat Malware
The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in phishing attacks, adding another piece to the group's wide-ranging toolset. "Andariel infects machines by executing a Log4j exploit, which, in turn, downloads further malware from...
CVE-2023-25736
An invalid downcast from nsHTMLDocument to nsIContent could have lead to undefined behavior. This vulnerability affects Firefox 110...
CVE-2023-25733
The return value from gfx::SourceSurfaceSkia::Map wasn't being verified which could have potentially lead to a null pointer dereference. This vulnerability affects Firefox 110...
CVE-2023-25736
An invalid downcast from nsHTMLDocument to nsIContent could have lead to undefined behavior. This vulnerability affects Firefox 110...
CVE-2023-25733
The return value from gfx::SourceSurfaceSkia::Map wasn't being verified which could have potentially lead to a null pointer dereference. This vulnerability affects Firefox 110...
CVE-2023-28177
Memory safety bugs present in Firefox 110. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 111...
CVE-2023-28177
Memory safety bugs present in Firefox 110. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 111...
CVE-2023-28176
Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird...
DEBIAN-CVE-2023-28176
Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird...
CVE-2023-25741
When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox 110...
CVE-2023-25745
Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 110...
CVE-2023-25745
Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 110...
CVE-2023-25728
The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25743
A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.This bug only affects Firefox Focus. Other versions of Firefox are unaffected.. This vulnerability affects Firefox 110 and Firefox ESR 102.8...
CVE-2023-25731
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...
CVE-2023-25735
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...