OESA-2024-1747 mozjs78 security update

SpiderMonkey is the code-name for Mozilla Firefox's C++ implementation of JavaScript. It is intended to be embedded in other applications that provide host environments for JavaScript. Security Fixes: A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file...

CVE-2023-29532

A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not...

CVE-2023-29532

CVE-2023-29532 describes a local, Windows-only vulnerability where an attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service to a malicious SMB server. The update can be replaced after the signature check but before use because the service...

SUSE: Security Advisory (SUSE-SU-2023:1855-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-102.10.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mo...

Slackware: Security Advisory (SSA:2023-102-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 37 : thunderbird (2023-d365f19e05)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d365f19e05 advisory. Update to 102.10.0 ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/ ;...

SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2023:1817-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1817-1 advisory. - Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This...

Slackware: Security Advisory (SSA:2023-101-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:1817-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-102.10.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...

KLA48841 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1...

KLA48840 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1...

Mozilla Firefox < 112.0

The version of Firefox installed on the remote Windows host is prior to 112.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-13 advisory. - Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safe...

KLA48839 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Security ...

CVE-2022-29532

creationtimestamp| type| source ---|---|--- 2022-04-21 02:26:08+00:00| seen| https://t.me/cibsecurity/41209...

CVE-2022-29532

CVE-2022-29532 affects MISP prior to 2.4.158. There is a cross-site scripting vulnerability in the cerebrate view: if one administrator enters a javascript: URL in the URL field and another administrator clicks it, malicious JavaScript can be executed. The issue is reported across multiple source...

accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29532 via tensorflow (>=2.2.0 <=2.2.2)

tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29532 Source advisory: OSV:GHSA-J47F-4232-HVV8...

c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-29532 via tensorflow-cpu (=2.3.1)

tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-29532 Source advisory: OSV:GHSA-J47F-4232-HVV8...

abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +91 more potentially affected by CVE-2021-29532 via tensorflow (>=2.4.0 <=2.4.1)

tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.0.0, =0.0.0.post0 and more Source cves: CVE-2021-29532 Source advisory: OSV:GHSA-J47F-4232-HVV8...