93 matches found
bryaktestgrid (>=0.0.1 <=0.0.6), dojo-rql (>=0.1.0 <=0.3.2) +1 more potentially affected by CVE-2020-5259 via dojox (=1.11.2)
dojox NPM version =1.11.2 is affected by a known vulnerability. The following packages have a transitive dependency on dojox and may be impacted: - bryaktestgrid =0.0.1, =0.1.0, =0.0.1, =0.5.24 Source cves: CVE-2020-5259 Source advisory: SNYK:JS-DOJOX-559225...
CVE-2019-5259
There is an information leakage vulnerability on some Huawei products: AR120-S; AR1200; AR1200-S; AR150; AR150-S; AR160; AR200; AR200-S; AR2200; AR2200-S; AR3200; AR3600. An attacker with low permissions can view some high-privilege information by running specific commands. Successful exploit could cause an...
CVE-2019-5259
CVE-2019-5259 is an information-leakage vulnerability affecting Huawei Enterprise routers including AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, and AR3600. According to linked sources, an attacker with low privileges can run specific commands to vie...
Security Advisory - Information Leakage Vulnerability on Some Huawei Products
There is an information leakage vulnerability on some Huawei products. An attacker with low permissions can view some high-privilege information by running specific commands. Successful exploit could cause an information disclosure condition. Vulnerability ID: HWPSIRT-2019-04080 This vulnerability...
CVE-2017-5259
creationtimestamp | type | source
---|---|---
2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/cnpilotrcmdexec.rb
2024-05-31 09:38:06+00:00 | seen | MISP/d3fd7e8e-c7ec-41ca-87fe-462bb29963a6
2025-01-23 18:41:16+00:00 | exploited | ...
CVE-2018-5259
Discuz! DiscuzX X3.4 allows remote authenticated users to bypass intended attachment-deletion restrictions via a modified aid parameter...
CVE-2017-5259
Cambium Networks cnPilot firmware versions 4.3.2-R4 and earlier are affected by CVE-2017-5259, which exposes an undocumented root-privilege admin web shell. The vulnerability is accessible via the HTTP path https:///adm/syscmd.asp and is described as a backdoor that allows execution of arbitrary ...
Cambium cnPilot r200/r201 Command Execution as 'root'
Cambium cnPilot r200/r201 device software versions 4.2.3-R4 to 4.3.3-R4 contain an undocumented, backdoor 'root' shell. This shell is accessible via a specific URL, to any authenticated user. The module uses this shell to execute arbitrary system commands as 'root'. This module requires...
openSUSE Security Update : Thunderbird (openSUSE-2016-1120)
update to Thunderbird 45.3.0 boo991809 - Disposition-Notification-To could not be used in mail.compose.other.header - 'edit as new message' on a received message pre-filled the sender as the composing identity. - Certain messages caused corruption of the drafts summary database. security fixes :...
FreeBSD : Mozilla -- multiple vulnerabilities (aa1aefe3-6e37-47db-bfda-343ef4acb1b5)
Mozilla Foundation reports: Please reference CVE/URL list for details. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database: Copyright 2003-2019 Jacques Vidrine and contributors Redistribution a...
openSUSE Security Update : MozillaThunderbird (openSUSE-2016-1057)
This update for MozillaThunderbird fixes the following issues : - update to Thunderbird 45.3.0 boo991809 - Disposition-Notification-To could not be used in mail.compose.other.header - 'edit as new message' on a received message pre-filled the sender as the composing identity. - Certain messages...
Updated firefox packages fix security vulnerability
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2016-2836, CVE-2016-5258, CVE-2016-5259, CVE-2016-5252,...
Mozilla Firefox Security Advisories (MFSA2016-62, MFSA2016-84) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CentOS Update for firefox CESA-2016:1551 centos7
Check the version of firefox ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882534";...
CentOS Update for firefox CESA-2016:1551 centos5
Check the version of firefox ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882537";...
CVE-2016-5259
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop...
CVE-2016-5259
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop...
CVE-2016-5259
CVE-2016-5259 : A use-after-free in the Mozilla Firefox function CanonicalizeXPCOMParticipant allows remote code execution via a script that closes its own Service Worker inside a nested sync event loop. Affected: Firefox before 48.0 and Firefox ESR 45.x before 45.3. Impact per sources: arbitrary...
CVE-2016-5259
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop...
Firefox < 48 Multiple Vulnerabilities (Mac OS X)
The version of Firefox installed on the remote Mac OS X host is prior to 48. It is, therefore, affected by multiple vulnerabilities : - An overflow condition exists in the expat XML parser due to improper validation of user-supplied input when handling malformed input documents. An attacker can...