82 matches found
MiracleLinux 9 : firefox-102.7.0-1.el9.ML.1 (AXSA:2023-5064:08)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5064:08 advisory. Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory...
MiracleLinux 9 : thunderbird-102.7.1-1.el9.ML.1 (AXSA:2023-5071:08)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5071:08 advisory. Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory...
MiracleLinux 8 : thunderbird-102.7.1-1.el8.ML.1 (AXSA:2023-4905:03)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4905:03 advisory. Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory...
CVE-2022-23605
Wire webapp is a web client for the wire messaging protocol. In versions prior to 2022-01-27-production.0 expired ephemeral messages were not reliably removed from local chat history of Wire Webapp. In versions before 2022-01-27-production.0 ephemeral messages and assets might still be accessible...
CVE-2025-23605
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lampd Call To Action Popup call-to-action-popup allows Reflected XSS.This issue affects Call To Action Popup: from n/a through = 1.0.2...
Linux Distros Unpatched Vulnerability : CVE-2023-23605
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of...
CVE-2025-23605 WordPress Call To Action Popup plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lampd Call To Action Popup call-to-action-popup allows Reflected XSS.This issue affects Call To Action Popup: from n/a through = 1.0.2...
CVE-2025-23605 WordPress Call To Action Popup plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lampd Call To Action Popup call-to-action-popup allows Reflected XSS.This issue affects Call To Action Popup: from n/a through = 1.0.2...
CVE-2025-23605
CVE-2025-23605 describes a Reflected XSS in LamPD Call To Action Popup. The vulnerability arises from improper neutralization of input during web page generation, affecting the Call To Action Popup component from n/a up to version 1.0.2. Connected Red Hat and vulnerability feeds corroborate the s...
CVE-2024-23605
creationtimestamp| type| source ---|---|--- 2024-03-14 09:51:14+00:00| seen| https://t.me/ctinow/207578 2025-02-12 19:07:41+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4116...
CVE-2024-23605
A heap-based buffer overflow vulnerability exists in the GGUF library header.nkv functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2024-23605
Affected: llama.cpp with GGUF header.n_kv parsing (commit 18c2e17). TALOS details a heap-based buffer overflow in gguf_init_from_file caused by allocating ctx->kv with header.n_kv, risking overflow when writing kv->key strings if header.n_kv overflows the allocation. Result: potential code ...
CentOS 8 : thunderbird (CESA-2023:0463)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:0463 advisory. - Mozilla: libusrsctp library out of date CVE-2022-46871 - Mozilla: Fullscreen notification bypass CVE-2022-46877 - Mozilla: Arbitrary file read from G...
CentOS 8 : firefox (CESA-2023:0288)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:0288 advisory. - Mozilla: libusrsctp library out of date CVE-2022-46871 - Mozilla: Fullscreen notification bypass CVE-2022-46877 - Mozilla: Arbitrary file read from G...
Rocky Linux 9 : thunderbird (RLSA-2023:0476)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0476 advisory. - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox...
Rocky Linux 8 : firefox (RLSA-2023:0288)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0288 advisory. - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox...
Rocky Linux 8 : thunderbird (RLSA-2023:0463)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0463 advisory. - An out of date library libusrsctp contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox...
CVE-2023-23605
creationtimestamp| type| source ---|---|--- 2023-06-02 20:42:34+00:00| seen| https://t.me/cibsecurity/64939...
CVE-2023-23605 Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerabilit...
CVE-2023-23605
CVE-2023-23605 corresponds to memory-safety bugs in Mozilla Firefox 108 and Firefox ESR 102.6 (Thunderbird < 102.7; Firefox < 109; ESR