49 matches found
MiracleLinux 7 : firefox-78.6.0-1.0.1.el7.AXS7 (AXSA:2020-1070:27)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-1070:27 advisory. chromium-browser: Uninitialized Use in V8 CVE-2020-16042 Mozilla: Heap buffer overflow in WebGL CVE-2020-26971 Mozilla: CSS Sanitizer performed...
NewStart CGSL MAIN 6.02 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0119)
The remote NewStart CGSL host, running version MAIN 6.02, has thunderbird packages installed that are affected by multiple vulnerabilities: - Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory vi...
SUSE: Security Advisory (SUSE-SU-2020:3901-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3902-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.9.0 ESR + CVE-2020-26974) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF13 + CP4MCM2.2
Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-26974, CVE-2020-35111, CVE-2020-26973, CVE-2020-26978, CVE-2020-26971, CVE-2020-35112, CVE-2020-35113 Vulnerability Details CVEID: CVE-2020-26974 DESCRIPTION: Mozilla Firefox could allow a remote attacker to...
SUSE: Security Advisory (SUSE-SU-2020:3903-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-26973
The Mozilla Foundation Security Advisory describes this flaw as: Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass...
openSUSE Security Update : MozillaFirefox (openSUSE-2020-2318)
This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 78.6.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2020-55 bsc1180039 - CVE-2020-16042 bmo1679003 Operations on a BigInt could have caused uninitialized memory to be exposed -...
openSUSE Security Update : MozillaFirefox (openSUSE-2020-2325)
This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 78.6.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2020-55 bsc1180039 - CVE-2020-16042 bmo1679003 Operations on a BigInt could have caused uninitialized memory to be exposed -...
Ubuntu: Security Advisory (USN-4701-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4701-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass the CSS sanitizer, or execute arbitrary...
Ubuntu 20.10 : Thunderbird vulnerabilities (USN-4701-1)
The remote Ubuntu 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4701-1 advisory. Several security issues were fixed in Thunderbird. Tenable has extracted the preceding description block directly from the Ubuntu security advisory. Note tha...
CVE-2020-26973
Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...
CVE-2020-26973
The provided connected sources confirm CVE-2020-26973 affects Mozilla Firefox and Thunderbird, tied to the CSS Sanitizer. Affected versions include Firefox prior to 84 and Thunderbird prior to 78.6 (Firefox ESR
Amazon Linux 2 : thunderbird (ALAS-2021-1586)
The version of thunderbird installed on the remote host is prior to 78.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1586 advisory. When drawing a transparent image on top of an unknown cross-origin image, the Skia library drawImage function took a...
GLSA-202012-20 : Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202012-20 Mozilla Firefox, Mozilla Thunderbird: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Thunderbird. Please review the CVE identifiers referenced below for details...
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:3902-1)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.6.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2020-55 bsc1180039 - CVE-2020-16042 bmo1679003 Operations on a BigInt could have caused uninitialized memory to be exposed -...
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:3903-1)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.6.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2020-55 bsc1180039 - CVE-2020-16042 bmo1679003 Operations on a BigInt could have caused uninitialized memory to be exposed -...
Security update for MozillaFirefox (critical)
openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:2318-1 Rating: critical References: 1180039 Cross-References: CVE-2020-16042 CVE-2020-26971 CVE-2020-26973 CVE-2020-26974 CVE-2020-26978 CVE-2020-35111 CVE-2020-35112 CVE-2020-35113 Affected Products:...
Security update for MozillaThunderbird (critical)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2020:2317-1 Rating: critical References: 1180039 Cross-References: CVE-2020-16042 CVE-2020-26971 CVE-2020-26973 CVE-2020-26974 CVE-2020-26978 CVE-2020-35111 CVE-2020-35112 CVE-2020-35113 Affected Product...