Oracle Linux 7 : firefox (ELSA-2023-7509)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7509 advisory. 115.5.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....

Mozilla: Clickjacking permission prompts using the fullscreen transition

The Mozilla Foundation Security Advisory describes this flaw as: The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant butto...

Mozilla: Clickjacking permission prompts using the fullscreen transition

The Mozilla Foundation Security Advisory describes this flaw as: The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant butto...

Mozilla: Clickjacking permission prompts using the fullscreen transition

The Mozilla Foundation Security Advisory describes this flaw as: The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant butto...

RHEL 9 : thunderbird (RHSA-2023:7506)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7506 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.5.0. Security Fixes: Mozilla:...

Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6509-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6509-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially explo...

CVE-2023-6206

The Mozilla Foundation Security Advisory describes this flaw as: The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant butto...

CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

UBUNTU-CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

CVE-2023-6206

CVE-2023-6206 is described across connected sources as a clickjacking-related issue tied to the fullscreen transition in Mozilla Firefox and Thunderbird. The vulnerability affects Firefox versions older than 120, Firefox ESR older than 115.5.0, and Thunderbird older than 115.5.0. The issue is dis...

CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

Adobe After Effects Out-of-Bounds Write Vulnerability (CNVD-2023-91790)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds write vulnerability exists in Adobe After Effects versions...

Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2023-91792)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects versions...

Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2023-91794)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. AAdobe After Effects version 24.0.2 and earlier and version 23.6 and earlie...

Adobe Animate Out-of-Bounds Read Vulnerability (CNVD-2023-91795)

Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. An out-of-bounds read vulnerability exists in Adobe Animate 23.0.2 and earlier versions, which can be exploited by attackers to obtain sensitive information...

Webpushr < 4.35.0 - Unauthenticated Stored XSS

Description The plugin does not prevent visitors on the site from changing some of the plugin options, some of which may be used to conduct Stored XSS attacks. 1. Woocommerce needs to be installed as well as activating webpushr-web-push-notifications by creating an account. 2. Run the following...

Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2023-82672)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe, which is mainly used for 2D and 3D compositing, animation and visual effects production. An out-of-bounds read vulnerability exists in Adobe After Effects versions 18.4....

OPENSUSE-SU-2023:0337-1 Security update for opera

This update for opera fixes the following issues: - Update to 104.0.4944.23 DNA-110465 Scrollable tab strip Weird animation when closing tab DNA-112021 Favicons disappear from history after being hovered over DNA-112310 Put opening animation on start page behind a flag DNA-112462 Crash at...

PT-2023-8455 · FFmpeg · Ffmpeg

Name of the Vulnerable Software and Affected Versions: FFmpeg versions prior to 6.1 Description: The issue is related to an integer overflow vulnerability in the jpegxl anim read packet function of the JPEG XL Animation decoder in the FFmpeg multimedia library. This vulnerability can be exploited...