Astra Linux - уязвимость в firefox

Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 105. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This...

Astra Linux – Vulnerability in Thunderbird

An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. Note: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106...

Linux Distros Unpatched Vulnerability : CVE-2022-42932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed...

SUSE CVE-2022-42931

Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username not password was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox 106...

SUSE CVE-2022-3449

Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

SUSE CVE-2022-46885

Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

CVE-2022-46885

Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

DEBIAN-CVE-2022-46881

An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. Note: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 106...

CVE-2022-42931

Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username not password was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox 106...

CVE-2022-3443

Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page. Chromium security severity: Low...

UBUNTU-CVE-2022-3444

Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page and malicious file. Chromium security severity: Low...

DEBIAN-CVE-2022-3373

Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

UBUNTU-CVE-2022-42931

Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username not password was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox 106...

UBUNTU-CVE-2022-42930

If two Workers were simultaneously initializing their CacheStorage, a data race could have occurred in the ThirdPartyUtil component. This vulnerability affects Firefox 106...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A denial of service vulnerability exists in Mozilla Firefox versions prior to 106, Firefox ESR versions prior to 102.4, and Thunderbird versions prior to 102.4. An attacker could exploit this...

Google Chrome 竞争条件问题漏洞

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 106.0.5249.62, which stems from a mix-up in instructions responsible for freeing memory in Media. An attacker could exploit the vulnerability potential...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in Google Chrome versions prior to 106, which stems from an incorrect security UI for full-screen display...