Astra Linux – Vulnerability in Firefox

Mozilla developers and community members reported memory safety bugs in Firefox 87. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versio...

Linux Distros Unpatched Vulnerability : CVE-2021-24001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not...

CVE-2023-27301

Improper access control in some IntelR ThunderboltTM DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-22342

Improper input validation in some IntelR ThunderboltTM DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access...

PT-2024-3286 · Intel · Intel Thunderbolt Dch Drivers

Name of the Vulnerable Software and Affected Versions: IntelR ThunderboltTM DCH drivers for Windows versions prior to 88 Description: The issue is related to improper access control in some IntelR ThunderboltTM DCH drivers for Windows, which may allow an authenticated user to potentially enable...

PT-2024-3284 · Intel · Intel Thunderbolt Dch Drivers

Name of the Vulnerable Software and Affected Versions: IntelR ThunderboltTM DCH drivers for Windows versions prior to 88 Description: The issue is related to improper buffer restrictions in some IntelR ThunderboltTM DCH drivers for Windows, which may allow a privileged user to potentially enable...

SUSE CVE-2021-23997

Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...

SUSE CVE-2021-29944

Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affec...

CVE-2021-29944

Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affec...

CVE-2021-23997

Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...

CVE-2021-24001

A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox 88...

CVE-2021-24000

A race condition with requestPointerLock and setTimeout could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements such as input type="file" this could have led to an attack where a user was confused about the origin...

UBUNTU-CVE-2021-29947

Mozilla developers and community members reported memory safety bugs present in Firefox 87. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...

UBUNTU-CVE-2021-21120

Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...