76 matches found
CVE-2026-45403
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, the AnythingLLM agent filesystem copy tool validates only the top-level source and destination paths. The recursive copy helper then descends into child...
PT-2025-41182
🟠 ClearML Path Traversal Vulnerability CVE-2025-45403 Moderate https://t.co/AwPuWdbUZK...
TencentOS Server 2: thunderbird (TSSA-2022:0286)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0286 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
CVE-2024-45403
creationtimestamp | type | source
---|---|---
2024-10-11 17:51:33+00:00 | seen | https://t.me/cvedetector/7683...
CVE-2024-45403
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, th...
Rocky Linux 8 : firefox (RLSA-2022:8554)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8554 advisory. - Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined wi...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Thunderbird vulnerabilities (USN-5824-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5824-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...
Ubuntu: Security Advisory (USN-5824-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2022-45403
Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox ESR 102.5,...
CVE-2022-45403
CVE-2022-45403 describes a vulnerability where Service Workers could infer the size of cross-origin media by correlating timing information with Range requests, potentially exposing presence/length of a media file. Affected: Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
CentOS 7 : firefox (RHSA-2022:8552)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8552 advisory. - Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined...
CentOS 7 : thunderbird (RHSA-2022:8555)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8555 advisory. - Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined...
CentOS: Security Advisory for firefox (CESA-2022:8552)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CentOS: Security Advisory for thunderbird (CESA-2022:8555)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
firefox security update
CentOS Errata and Security Advisory CESA-2022:8552 An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
SUSE: Security Advisory (SUSE-SU-2022:4247-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Security fix for the ALT Linux 10 package thunderbird version 102.5.0-alt1
102.5.0-alt1 built Nov. 24, 2022 Pavel Vasenkov in task 310334 Nov. 16, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-45403 Service Workers might have learned size of cross-origin media files + CVE-2022-45404 Fullscreen notification bypass + CVE-2022-45405 Use-after-free in...