117 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-12405
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects...
CVE-2024-12405
creationtimestamp| type| source ---|---|--- 2024-12-24 05:43:01+00:00| seen| https://infosec.exchange/users/cve/statuses/113706203913779612 2024-12-24 06:15:58+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ldzs7xvozp22 2024-12-24 07:42:38+00:00| seen|...
CVE-2024-12405
CVE-2024-12405 : Reflected XSS in the WordPress plugin “Export Customers Data” (vulnerable up to 1.2.3) via the t parameter due to insufficient input sanitization and output escaping. Unauthenticated attackers can inject scripts that run when a user interacts with the page; no public fix/version ...
Low: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.10.4 security updates and bug fixes
Red Hat Advanced Cluster Management for Kubernetes 2.10.4 General Availability release images, which apply security fixes and fix bugs. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Oracle Linux 6 : firefox (ELSA-2020-2378)
The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-2378 advisory. - Added fix for mozbz1348168/CVE-2017-5428 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
K84141859: Apache Traffic Control vulnerability CVE-2019-12405
Security Advisory Description Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that use...
SUSE CVE-2018-12405
Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects...
Slackware: Security Advisory (SSA:2018-345-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0274)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0300)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Firefox Security Advisory (MFSA2018-29) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Mozilla Firefox Security Advisory (MFSA2020-20) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2020:14389-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14389-1 advisory. - When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This...
SUSE: Security Advisory (SUSE-SU-2020:1556-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1563-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : firefox (CESA-2020:2379)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:2379 advisory. - Mozilla: Use-after-free in SharedWorkerService CVE-2020-12405 - Mozilla: JavaScript Type confusion with NativeTypes CVE-2020-12406 - Mozilla: Memory...
CentOS 8 : thunderbird (CESA-2020:2614)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:2614 advisory. - Mozilla: Security downgrade with IMAP STARTTLS leads to information leakage CVE-2020-12398 - Mozilla: Use-after-free in SharedWorkerService...
NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0083)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory...
RHEL 6 : firefox (RHSA-2020:2378)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2378 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 68.9.0 ESR) hava affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF11 + ICAM2019.3.0 - 2020.2.0
Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-12405, CVE-2020-12406, CVE-2020-12399 Vulnerability Details CVEID: CVE-2020-12405 DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by a use-after-free in SharedWorkerService. By...