40 matches found
OESA-2024-1747 mozjs78 security update
SpiderMonkey is the code-name for Mozilla Firefox's C++ implementation of JavaScript. It is intended to be embedded in other applications that provide host environments for JavaScript. Security Fixes: A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file...
CVE-2023-29532
CVE-2023-29532 describes a local, Windows-only vulnerability where an attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service to a malicious SMB server. The update can be replaced after the signature check but before use because the service...
CVE-2023-29532
A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not...
SUSE: Security Advisory (SUSE-SU-2023:1855-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-102.10.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mo...
Fedora 37 : thunderbird (2023-d365f19e05)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d365f19e05 advisory. Update to 102.10.0 ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/ ;...
Slackware: Security Advisory (SSA:2023-102-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:1817-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware: Security Advisory (SSA:2023-101-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2023:1817-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1817-1 advisory. - Firefox Extended Support Release 102.10.0 ESR bsc1210212 - CVE-2023-29531: Out-of-bound memory access in WebGL on macOS -...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-102.10.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...
KLA48840 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1...
KLA48839 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Security ...
KLA48841 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1...
Mozilla Firefox < 112.0
The version of Firefox installed on the remote Windows host is prior to 112.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-13 advisory. - Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safe...
CVE-2022-29532
creationtimestamp| type| source ---|---|--- 2022-04-21 02:26:08+00:00| seen| https://t.me/cibsecurity/41209...
CVE-2022-29532
CVE-2022-29532 affects MISP prior to 2.4.158. There is a cross-site scripting vulnerability in the cerebrate view: if one administrator enters a javascript: URL in the URL field and another administrator clicks it, malicious JavaScript can be executed. The issue is reported across multiple source...
complaintclassify (=0.0.9) potentially affected by CVE-2021-29532 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-29532 Source advisory: OSV:GHSA-J47F-4232-HVV8...
c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-29532 via tensorflow-cpu (=2.3.1)
tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-29532 Source advisory: OSV:GHSA-J47F-4232-HVV8...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +161 more potentially affected by CVE-2021-29532 via tensorflow-gpu (>=1.10.1 <=2.1.1)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2021-29532 Source advisory: OSV:GHSA-J47F-4232-HVV8...