CVE-2018-17021

Cross-site scripting XSS vulnerability on ASUS GT-AC5300 devices with firmware through 3.0.0.4.38432738 allows remote attackers to inject arbitrary web script or HTML via the appGet.cgi hook parameter...

Slackware: Security Advisory (SSA:2020-010-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0078-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:14268-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0068-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-17021

creationtimestamp| type| source ---|---|--- 2020-11-11 12:35:06+00:00| seen| https://t.me/cibsecurity/16151 2020-11-11 12:35:14+00:00| seen| https://t.me/cibsecurity/16159...

CVE-2020-17021

CVE-2020-17021 applies to Microsoft Dynamics 365 (on-premises) and is a Cross-site Scripting (XSS) vulnerability arising from inadequate protection of the web page structure that can allow a malicious user to execute script in the context of the current authenticated user. Affected products/versi...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2020:0060_1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for MozillaFirefox (important)

openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:0060-1 Rating: important References: 1160305 1160498 Cross-References: CVE-2019-17015 CVE-2019-17016 CVE-2019-17017 CVE-2019-17021 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 Affected Products: openSUS...

Mozilla Thunderbird Security Advisory (MFSA2020-04) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Thunderbird Security Advisory (MFSA2020-04) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Slackware 14.2 / current : mozilla-thunderbird (SSA:2020-010-01)

New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2020-010-01. The text itself is copyright C Slackware Linu...

SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:0068-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 68.4.1 ESR - Fixed: Security fix MFSA 2020-03 bsc1160498 - CVE-2019-17026 bmo1607443 IonMonkey type confusion with StoreElementHole and FallibleStoreElement Firefox Extended Support Release 68.4.0 ESR -...

Security fix for the ALT Linux 10 package thunderbird version 68.4.1-alt1

Jan. 11, 2020 Andrey Cherepanov 68.4.1-alt1 - New version 68.4.1. - Fixed: + CVE-2019-17026 IonMonkey type confusion with StoreElementHole and FallibleStoreElement + CVE-2019-17015 Memory corruption in parent process during new content process initialization on Windows + CVE-2019-17016 Bypass of...

CVE-2019-17021

CVE-2019-17021 describes a race condition during the initialization of a new content process in Firefox on Windows that can disclose heap addresses from the parent process. Affected products are Firefox ESR < 68.4 and Firefox

Mozilla Firefox < 72.0

The version of Firefox installed on the remote Windows host is prior to 72.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-01 advisory. - Mozilla developers Karl Tomlinson, Jason Kratzer, Tyson Smith, Jon Coppeard, and Christian Holler reported memory safet...

CVE-2019-17021

During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR 68.4 and Firefo...

KLA11629 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, bypass security restrictions, perform cross-site scripting attack. Below is a complete list of...

CVE-2018-17021

Summary: CVE-2018-17021 is an XSS vulnerability affecting ASUS GT-AC5300 routers (firmware up to 3.0.0.4.384_32738). The flaw allows a remote attacker to inject arbitrary web script or HTML via the appGet.cgi hook parameter. Affected software/entry details (from connected docs): ASUS GT-AC5300 ro...

CVE-2018-17021

Cross-site scripting XSS vulnerability on ASUS GT-AC5300 devices with firmware through 3.0.0.4.38432738 allows remote attackers to inject arbitrary web script or HTML via the appGet.cgi hook parameter...