81 matches found
MiracleLinux 8 : thunderbird-91.6.0-1.el8.ML.1 (AXSA:2022-3068:03)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3068:03 advisory. Mozilla: Extensions could have bypassed permission confirmation during update CVE-2022-22754 Mozilla: Memory safety bugs fixed in Firefox 97 and...
MiracleLinux 8 : firefox-91.6.0-1.el8.ML.1 (AXSA:2022-3069:04)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3069:04 advisory. Mozilla: Extensions could have bypassed permission confirmation during update CVE-2022-22754 Mozilla: Memory safety bugs fixed in Firefox 97 and...
Linux Distros Unpatched Vulnerability : CVE-2022-22761
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web...
CVE-2025-22761
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Olaf Lederer Ajax Contact Form fws-ajax-contact-form allows Stored XSS.This issue affects Ajax Contact Form: from n/a through = 1.4.1...
CVE-2021-22761
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in disclosure of information or remote code e+F15xecution due to missing length check on user supplied data, when a malicious...
CVE-2025-22761
creationtimestamp| type| source ---|---|--- 2025-01-15 16:17:11+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfs63bkdje2f 2025-01-15 17:10:04+00:00| seen| https://infosec.exchange/users/cve/statuses/113833476374564377 2025-01-15 17:38:26+00:00| seen|...
CVE-2025-22761
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Olaf Lederer Ajax Contact Form fws-ajax-contact-form allows Stored XSS.This issue affects Ajax Contact Form: from n/a through = 1.4.1...
CVE-2025-22761
CVE-2025-22761 affects the Ajax Contact Form plugin for WordPress (vulnerable range: from n/a through 1.2.5.1). The issue is described as Improper Neutralization of Input During Web Page Generation (Stored XSS). The Wordfence/Red Hat context indicates the patch status is Unpatched; no explicit ex...
Rocky Linux 8 : thunderbird (RLSA-2022:0535)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0535 advisory. - If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants...
CVE-2023-22761
creationtimestamp| type| source ---|---|--- 2023-03-02 10:44:57+00:00| seen| https://www.cert.at/de/warnungen/2023/3/kritische-sicherheitslucken-in-arubaos-updates-teilweise-verfugbar...
CVE-2023-22761
Authenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to full...
CVE-2023-22761
CVE-2023-22761 describes authenticated remote command injection in the ArubaOS web-based management interface. Exploitation allows an attacker with credentials to execute arbitrary commands as a privileged user, potentially fully compromising the underlying operating system on the device running ...
CVE-2023-22761 Authenticated Remote Command Execution in ArubaOS Web-based Management Interface
Authenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to full...
CVE-2023-22761 Authenticated Remote Command Execution in ArubaOS Web-based Management Interface
Authenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to full...
DEBIAN-CVE-2022-22761
Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...
CVE-2022-22761
Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...
CVE-2022-22761
CVE-2022-22761 fixes a vulnerability where the frame-ancestors CSP directive was not enforced for moz-extension:// pages, affecting Firefox < 97, Thunderbird < 91.6, and Firefox ESR
CVE-2022-22761
Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...
CVE-2022-22761
Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...
CVE-2022-22761
Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...