70 matches found
MiracleLinux 7 : firefox-68.8.0-1.0.1.el7.AXS7 (AXSA:2020-073:10)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-073:10 advisory. Mozilla: Use-after-free during worker shutdown CVE-2020-12387 Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 CVE-2020-12395...
Linux Distros Unpatched Vulnerability : CVE-2020-6831
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash...
RHEL 5 : usrsctp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - usrsctp: Buffer overflow in AUTH chunk input validation CVE-2020-6831 - usrsctp before 2019-12-20 has...
Oracle Linux 6 : firefox (ELSA-2020-2036)
The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-2036 advisory. - Added fix for mozbz1348168/CVE-2017-5428 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
Slackware: Security Advisory (SSA:2020-126-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0209)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Firefox Security Advisory (MFSA2020-16) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
SUSE: Security Advisory (SUSE-SU-2020:14359-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1209-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1218-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2020-0064)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities: - Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after- free. We are aware of targeted attacks in...
Exploiting Android Messengers with WebRTC: Part 2
Posted by Natalie Silvanovich, Project Zero This is a three-part series on exploiting messenger applications using vulnerabilities in WebRTC. This series highlights what can go wrong when applications don't apply WebRTC patches and when the communication and notification of security issues breaks...
Microsoft Edge (Chromium) < 81.0.416.72 Multiple Vulnerabilities
The version of Microsoft Edge Chromium installed on the remote Windows host is prior to 81.0.416.72. It is, therefore, affected by multiple vulnerabilities: - A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentiall...
openSUSE Security Update : opera (openSUSE-2020-917)
This update for opera fixes the following issues : Opera was updated to version 68.0.3618.104 - CHR-7909 Update chromium on desktop-stable-81-3618 to 81.0.4044.138 - CVE-2020-6831, CVE-2020-6464 - DNA-85609 Mac Tabs shrinking & disappearing - DNA-85629 Crash at...
NewStart CGSL MAIN 6.01 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0036)
The remote NewStart CGSL host, running version MAIN 6.01, has thunderbird packages installed that are affected by multiple vulnerabilities: - By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This...
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 68.8 ESR) hava affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF11 + ICAM2019.3.0 - 2020.1.0
Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2020-6831, CVE-2020-12387, CVE-2020-12392, CVE-2020-12395 Vulnerability Details CVEID: CVE-2020-12395 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by...
Security update for opera (important)
openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2020:0917-1 Rating: important References: Cross-References: CVE-2020-6464 CVE-2020-6831 Affected Products: openSUSE Leap 15.2:NonFree An update that fixes two vulnerabilities is now available. Description: This updat...
CVE-2020-6831
CVE-2020-6831 is a bug described in Debian security advisories as a buffer overflow in the SCTP chunk input validation in the usrsctp library. The Debian entries explicitly tie this CVE to Firefox ESR (<68.8), Firefox (<76) and Thunderbird (
USN-4373-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. CVE-2020-6831, CVE-2020-12387, CVE-2020-12395 It wa...
openSUSE Security Update : opera (openSUSE-2020-709)
This update for opera fixes the following issues : Opera was updated to version 68.0.3618.104 - CHR-7909 Update chromium on desktop-stable-81-3618 to 81.0.4044.138 - CVE-2020-6831, CVE-2020-6464 - DNA-85609 Mac Tabs shrinking & disappearing - DNA-85629 Crash at...