179 matches found
Simple URLs < 115 - Cross Site Scripting
The plugin does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. id: CVE-2023-0099 info: name: Simple URLs 115 - Cross Site Scripting author: r3Y3r53 severit...
OPENSUSE-SU-2026:10935-1 libmozjs-115-0-115.15.0-9.1 on GA media
These are all security issues fixed in the libmozjs-115-0-115.15.0-9.1 package on the GA media of openSUSE Tumbleweed...
Astra Linux - уязвимость в firefox
Uploading files that contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox 115...
Amazon Linux 2 : oci-add-hooks, --advisory ALAS2DOCKER-2026-115 (ALASDOCKER-2026-115)
The version of oci-add-hooks installed on the remote host is prior to 0-0.9.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-115 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or...
FreeBSD : firefox -- Memory safety bugs present in Firefox ESR 115 (7a9f1c15-4aae-11f1-88d3-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7a9f1c15-4aae-11f1-88d3-b42e991fc52e advisory. https://www.mozilla.org/en-US/security/advisories/mfsa2026-40/ reports: Memory safety bugs. Some of the...
firefox -- Memory safety bugs present in Firefox ESR 115
https://www.mozilla.org/en-US/security/advisories/mfsa2026-40/ reports: Memory safety bugs. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...
Astra Linux - уязвимость в firefox, thunderbird
Memory safety bugs exist in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute...
Astra Linux - уязвимость в firefox
When Firefox is configured to block the storage of all cookies, it is still possible to store data in localstorage by using an iframe with a source of ‘about:blank’. This could allow malicious websites to store tracking data without permission. This vulnerability affects Firefox versions earlier...
Astra Linux - уязвимость в firefox, thunderbird
A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13...
Astra Linux - уязвимость в firefox, thunderbird
When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13...
Astra Linux - уязвимость в firefox, thunderbird
Memory safety bugs exist in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux - уязвимость в firefox
A website can prevent a user from exiting full-screen mode through alerts and prompts. This can lead to user confusion and potential spoofing attacks. This vulnerability affects Firefox versions earlier than 115...
Astra Linux - уязвимость в firefox
Memory safety bugs exist in Firefox 115. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 116...
Astra Linux - уязвимость в firefox
A use-after-free condition existed in NotifyOnHistoryReload where a LoadingSessionHistoryEntry object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox 115...
Astra Linux - уязвимость в firefox, thunderbird
Memory safety bugs exist in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox...
Astra Linux - уязвимость в chromium
Inappropriate implementation in WebApp Installs in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...
KLA91015 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Information disclosure vulnerability in the Audio/Video...
CVE-2026-29129
Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...
OESA-2026-1451 libvpx security update
libvpx provides the VP8/VP9 SDK, which allows you to integrate your applications with the VP8 and VP9 video codecs, high quality, royalty free, open source codecs deployed on millions of computers and devices worldwide. Security Fixes: Heap buffer overflow vulnerability exists in libvpx component...
CVE-2026-2447
Heap buffer overflow in libvpx. This vulnerability affects Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2...