70 matches found
MiracleLinux 7 : firefox-91.7.0-3.0.1.el7.AXS7 (AXSA:2022-3096:07)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3096:07 advisory. Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 Mozilla: Use-after-free in WebGPU IPC Framework CVE-2022-26486 expat: Malformed ...
MiracleLinux 8 : thunderbird-91.7.0-2.el8.ML.1 (AXSA:2022-3104:04)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3104:04 advisory. Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 Mozilla: Use-after-free in WebGPU IPC Framework CVE-2022-26486 expat: Malformed ...
Linux Distros Unpatched Vulnerability : CVE-2022-26387
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file...
CVE-2021-26387
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected areas, potentially leading to a loss of platform integrity...
AMD Embedded Processors Vulnerabilities – Aug 2024
Bulletin ID: AMD-SB-5002 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Embedded processors were reported, and mitigations are being provided through Platform Initialization PI firmware packages. CVE...
AMD Server Vulnerabilities – August 2024
Bulletin ID: AMD-SB-3003 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in the AMD Secure Processor ASP, AMD Secure Encrypted Virtualization SEV, AMD Secure Encrypted Virtualization – Secure Nested Paging...
CVE-2023-26387
creationtimestamp| type| source ---|---|--- 2023-04-13 02:29:36+00:00| seen| https://t.me/cibsecurity/62039...
CVE-2023-26387 ZDI-CAN-20265: Adobe Substance 3D Stager USDC File Parsing Uninitialized Variable Information Disclosure Vulnerability
Adobe Substance 3D Stager version 2.0.1 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
CVE-2023-26387
Adobe Substance 3D Stager is affected in versions up to 2.0.1 and earlier by an Access of Uninitialized Pointer vulnerability that can disclose memory and bypass ASLR. The issue affects the parsing/handling paths in Stager and requires user interaction (victim must open a malicious file) for expl...
CVE-2022-26387
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...
CVE-2022-26387
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...
CVE-2022-26387
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...
CVE-2022-26387
The CVE-2022-26387 issue is a Mozilla add-on verification weakness. A time-of-check/time-of-use (TOCTOU) bug could allow the add-on file to be altered after Firefox/Thunderbird signatures were checked but before user confirmation, leaving the user exposed. Affected products and versions per conne...
Mozilla Firefox Security Advisory (MFSA2022-10) - Linux
The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2022-10. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
CentOS: Security Advisory for firefox (CESA-2022:0824)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
thunderbird security update
CentOS Errata and Security Advisory CESA-2022:0850 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
firefox security update
CentOS Errata and Security Advisory CESA-2022:0824 An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Ubuntu: Security Advisory (USN-5345-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2022:0906-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2022:0821-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...