MiracleLinux 8 : firefox-102.13.0-2.el8.ML.1 (AXSA:2023-6239:24)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6239:24 advisory. Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey...

Linux Distros Unpatched Vulnerability : CVE-2023-37202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a...

CVE-2024-37202

Missing Authorization vulnerability in BinaryCarpenter Ultimate Custom Add To Cart Button Ajax For WooCommerce by Binary Carpenter custom-add-to-cart-button-for-woocommerce.This issue affects Ultimate Custom Add To Cart Button Ajax For WooCommerce by Binary Carpenter: from n/a through = 1.222.17...

CVE-2022-37202

creationtimestamp| type| source ---|---|--- 2025-05-07 19:22:32+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15396...

CVE-2024-37202

creationtimestamp| type| source ---|---|--- 2024-07-12 16:56:29+00:00| seen| https://t.me/cvedetector/757...

CVE-2024-37202 WordPress Ultimate Custom Add To Cart Button (Ajax) For WooCommerce by Binary Carpenter plugin <= 1.222.17 - Broken Access Control to XSS vulnerability

Missing Authorization vulnerability in BinaryCarpenter Ultimate Custom Add To Cart Button Ajax For WooCommerce by Binary Carpenter custom-add-to-cart-button-for-woocommerce.This issue affects Ultimate Custom Add To Cart Button Ajax For WooCommerce by Binary Carpenter: from n/a through = 1.222.17...

CVE-2024-37202

CVE-2024-37202 affects the WordPress plugin Binary Carpenter – Ultimate Custom Add To Cart Button (Ajax) for WooCommerce. The issue is described as a Missing Authorization vulnerability that enables Cross-Site Scripting (XSS). Affected version range is reported as from n/a through 1.222.16. The C...

WordPress Ultimate Custom Add To Cart Button (Ajax) For WooCommerce by Binary Carpenter Plugin <= 1.222.16 is vulnerable to Broken Access Control

Software Ultimate Custom Add To Cart Button Ajax For WooCommerce by Binary Carpenter Type Plugin Vulnerable versions = 1.222.16 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37202 Patch priority Medium CVSS severity Medium 6.5 Developer Clai...

openSUSE: Security Advisory for MozillaFirefox, MozillaFirefox (SUSE-SU-2023:2886-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : firefox (ALASFIREFOX-2023-001)

The version of firefox installed on the remote host is prior to 102.13.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-001 advisory. An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This...

Important: firefox

Issue Overview: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13. CVE-2023-37201 Cross-compartment wrappers wrapping a scripted proxy could have caused objec...

RLSA-2023:4063 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Security Fixes: Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey CVE-2023-37202...

RLSA-2023:4076 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.13.0 ESR. Security Fixes: Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from...

SUSE: Security Advisory (SUSE-SU-2023:2886-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2023-0235)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE (SUSE-SU-2023:2849-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2849-1 advisory. - When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an ifram...

SUSE: Security Advisory (SUSE-SU-2023:2850-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 9 : firefox (ELSA-2023-4071)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4071 advisory. 102.13.0-2.0.1 - Updated homepages to use https Orabug: 34648274 102.13.0-2 - Update to 102.13.0 build2 102.13.0-1 - Update to 102.13.0 build1 Tenable...

AlmaLinux 8 : firefox (ALSA-2023:4076)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4076 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefo...

AlmaLinux 9 : firefox (ALSA-2023:4071)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4071 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefo...