3797 matches found
Mozilla: Potential permissions request bypass via clickjacking
The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.7.0. Security Fixes: Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742 Mozilla: Crash when listing printers on Linux...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.7.0. Security Fixes: Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742 Mozilla: Crash when listing printers on Linux...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.7.0 ESR. Security Fixes: Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742...
ALSA-2024:0603 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.7.0 ESR. Security Fixes: Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742...
ALSA-2024:0608 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.7.0 ESR. Security Fixes: Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742...
SUSE: Security Advisory (SUSE-SU-2024:0229-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5606-1] firefox-esr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5606-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 24, 2024 https://www.debian.org/security/faq -...
The vulnerability of software for downloading pyload files is related to improper restrictions on the number of displayed layers or frames in the user interface. This allows a perpetrator to carry out a clickjacking attack.
The vulnerability of the software for downloading pyload files is related to improper restrictions on the number of layers or frames that can be displayed in the user interface. Exploiting this vulnerability allows a remote attacker to carry out a clickjacking attack...
The vulnerability of the microprogramming software in the Moxa OnCell G3150A-LTE industrial LTE modem series arises from improper limitation of the number of displayed layers or frames on the user interface. This allows attackers to carry out a clickjacking attack.
The vulnerability of the microprogramming software in the Moxa OnCell G3150A-LTE industrial LTE modem series lies in improper restrictions on the layers or frames displayed by the user interface. Exploiting this vulnerability allows a remote attacker to carry out a clickjacking attack...
CentOS 8 : firefox (CESA-2024:0012)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0012 advisory. - The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow...
Updated nss and firefox packages fix security vulnerabilities
The updated packages fix security vulnerabilities Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver. CVE-2023-6856 Potential exposure of uninitialized data in EncryptingOutputStream. CVE-2023-6865 Symlinks may resolve to smaller than expected buffers...
RLSA-2024:0012 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.6.0 ESR. Security Fixes: Mozilla: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver CVE-2023-6856 Mozilla...
firefox security update
An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...
Important: thunderbird
Issue Overview: On some systems--depending on the graphics settings and drivers--it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox 120, Firefox 115.5, and Thunderbird 115.5.0. CVE-2023-6204 It was...
Mozilla: Clickjacking permission prompts using the popup transition
The Mozilla Foundation Security Advisory describes this flaw as: The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the...
Mozilla: Clickjacking permission prompts using the popup transition
The Mozilla Foundation Security Advisory describes this flaw as: The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Mozilla: Clickjacking permission prompts using the popup transition
The Mozilla Foundation Security Advisory describes this flaw as: The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the...
Mozilla: Clickjacking permission prompts using the popup transition
The Mozilla Foundation Security Advisory describes this flaw as: The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the...