150 matches found
Oracle Linux 7 : firefox (ELSA-2023-5477)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-5477 advisory. 115.3.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....
KLA61411 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in...
FreeBSD : chromium -- multiple vulnerabilities (07ee8c14-68f1-11ee-8290-a8a1599412c6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 07ee8c14-68f1-11ee-8290-a8a1599412c6 advisory. - Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote...
CVE-2023-5477
CVE-2023-5477 describes an inappropriate implementation in the Chrome/Chromium Installer prior to 118.0.5993.70 that could allow a local attacker to bypass discretionary access control via a crafted command. Connected advisories confirm affected products include Google Chrome/Chromium and note a ...
CVE-2023-5477
Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. Chromium security severity: Low...
Google Chrome < 118.0.5993.70 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 118.0.5993.70. It is, therefore, affected by multiple vulnerabilities as referenced in the 202310stable-channel-update-for-desktop10 advisory. - Use after free in Blink History in Google Chrome prior to 118.0.5993.70...
RHEL 7 : firefox (RHSA-2023:5477)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5477 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
K16909: BIND vulnerability CVE-2015-5477
Security Advisory Description An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit. CVE-2015-5477 Impact A remote attacker may be able...
Debian dla-3150 : rexical - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3150 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3150-1 [email protected] https://www.debian.org/lts/security/...
RHEL 8 : firefox (RHSA-2022:5477)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:5477 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
bind security update
32:9.8.2-0.68.rc1.0.3.8 - Backport fix for CVE-2018-5741 Orabug: 33496185 32:9.8.2-0.68.rc1.0.2.8 - Backport possible assertion failure on DNAME processing CVE-2021-25215 32:9.8.2-0.68.rc1.0.1.8 - Backport the fix for buffer overflow CVE-2020-8625 Orabug: 32588749 32:9.8.2-0.68.rc1.8 - Fix...
Mageia: Security Advisory (MGASA-2021-0063)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1322-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1304-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1316-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1305-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : rubygem-nokogiri (openSUSE-2021-237)
This update for rubygem-nokogiri fixes the following issues: rubygem-nokogiri was updated to 1.8.5 bsc1156722. Security issues fixed : - CVE-2019-5477: Fixed a command injection vulnerability bsc1146578. - CVE-2020-26247: Fixed an XXE vulnerability in Nokogiri::XML::Schema bsc1180507. This update...
MGASA-2021-0063 Updated ruby-nokogiri packages fix security vulnerabilities
A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being called with unsafe user input as the filename...
Updated ruby-nokogiri packages fix security vulnerabilities
A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizerloadfile is being called with unsafe user input as the filename...
CVE-2020-5477
CVE-2020-5477 entry is rejected/not used per the initial description.