84 matches found
AlmaLinux 9 : firefox (ALSA-2024:7505)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:7505 advisory. firefox: 115.16/128.3 ESR firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and...
Debian dsa-5783 : firefox-esr - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5783 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5783-1 [email protected] https://www.debian.org/securit...
SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2024:3518-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3518-1 advisory. Update to Firefox Extended Support Release 128.3.0 ESR MFSA-2024-47, bsc1230979: - CVE-2024-8900: Clipboard write permission bypass...
openSUSE Security Advisory (SUSE-SU-2024:3519-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:3518-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:3519-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 128.3.0 ESR MFSA-2024-47, bsc1230979: - CVE-2024-8900: Clipboard write permission bypass - CVE-2024-9392: Compromised content process can bypass site isolation - CVE-2024-9393: Cross-origin acces...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Mozilla Firefox Security Update (MFSA2024-46) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Mozilla Firefox ESR Security Update (MFSA2024-48) - Mac OS X
Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Mozilla Firefox Security Update (MFSA2024-46) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Fedora 40 : firefox (2024-5f39927e90)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5f39927e90 advisory. - New upstream builds 131.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: 115.16/128.3 firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service CVE-2024-9399 firefox: thunderbird: Memory safety bugs fixed in Firefox 131 and Thunderbird 131...
CVE-2024-9393
creationtimestamp| type| source ---|---|--- 2024-10-01 18:36:10+00:00| seen| https://t.me/cvedetector/6768...
CVE-2024-9393
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full...
Mozilla Thunderbird < 128.3
The version of Thunderbird installed on the remote Windows host is prior to 128.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-49 advisory. - An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the...
Mozilla Firefox ESR < 115.16
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.16. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-48 advisory. - An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the...
Mozilla Firefox ESR < 115.16
The version of Firefox ESR installed on the remote Windows host is prior to 115.16. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-48 advisory. - An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the...
Mozilla Thunderbird < 131.0
The version of Thunderbird installed on the remote Windows host is prior to 131.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-50 advisory. - An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the...
Mageia: Security Advisory (MGASA-2017-0474)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...