WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting

A cross-site scripting vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the default URI. id: CVE-2012-4768 info: name: WordPress Plugin Download Monitor 3.3.5.9 - Cross-Site...

MiracleLinux 7 : firefox-115.11.0-1.0.1.el7.AXS7 (AXSA:2024-7743:18)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7743:18 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

Linux Distros Unpatched Vulnerability : CVE-2016-4768

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 10, tvOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 allows remote attackers to execute arbitrary code or cause ...

TencentOS Server 3: firefox (TSSA-2024:0240)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0240 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2010-4768

Open Ticket Request System OTRS before 2.3.5 does not properly disable hidden permissions, which allows remote authenticated users to bypass intended queue access restrictions in opportunistic circumstances by visiting a ticket, related to a certain ordering of permission-set and permission-remov...

CVE-2025-4768

A vulnerability classified as critical has been found in fenghaha/megagao ssm-erp and productionssm 1.0. This affects the function uploadPicture of the file PictureServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely...

CVE-2025-4768

creationtimestamp| type| source ---|---|--- 2025-05-16 10:34:34+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16670...

CVE-2025-4768

A vulnerability classified as critical has been found in fenghaha/megagao ssm-erp and productionssm 1.0. This affects the function uploadPicture of the file PictureServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely...

CVE-2025-4768 feng_ha_ha/megagao ssm-erp/production_ssm PictureServiceImpl.java uploadPicture unrestricted upload

A vulnerability classified as critical has been found in fenghaha/megagao ssm-erp and productionssm 1.0. This affects the function uploadPicture of the file PictureServiceImpl.java. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely...

CVE-2025-4768

CVE-2025-4768 affects feng_ha_ha/megagao ssm-erp and production_ssm 1.0. The vulnerability exists in the function uploadPicture within PictureServiceImpl.java , where manipulation of the argument File enables an unrestricted upload. Exploitation can be initiated remotely, and the exploit has been...

CGA-GVH6-P87F-4768

Bulletin has no description...

openSUSE Security Advisory (SUSE-SU-2024:1858-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RLSA-2024:3784 Moderate: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. Security Fixes: firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox: Potential...

RLSA-2024:3783 Moderate: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.11.0 ESR. Security Fixes: firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsi...

Rocky Linux 8 : firefox (RLSA-2024:3783)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3783 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

Rocky Linux 9 : thunderbird (RLSA-2024:2888)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2888 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

Slackware: Security Advisory (SSA:2024-164-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.11.1-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mo...

Oracle Linux 8 : thunderbird (ELSA-2024-3784)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-3784 advisory. 115.11.0-1.0.1 - Add Oracle prefs file 115.11.0-1 - Update to 115.11.0 build2 Tenable has extracted the preceding description block directly from the...

Moderate: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...