
3797 matches found

Mozilla
added 2023/11/21 12:0 a.m. | 129 views

Security Vulnerabilities fixed in Thunderbird 115.5 — Mozilla

On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to ...

CVSS 8.8 | AI score 7.4 | EPSS 0.01406
Exploits: 0 | References: 7 | Affected Software: 1

Mozilla
added 2023/11/21 12:0 a.m. | 29 views

Security Vulnerabilities fixed in Firefox ESR 115.5.0 — Mozilla

On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to ...

CVSS 8.8 | AI score 7.3 | EPSS 0.01406
Exploits: 0 | References: 7 | Affected Software: 1

Mozilla
added 2023/11/21 12:0 a.m. | 147 views

Security Vulnerabilities fixed in Firefox 120 — Mozilla

On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to ...

CVSS 8.8 | AI score 8.1 | EPSS 0.01406
Exploits: 0 | References: 10 | Affected Software: 1

OSV
added 2023/11/20 9:15 p.m. | 3 views

CVE-2023-47311

An issue in Yamcs 5.8.6 allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking...

CVSS 6.1 | AI score 5.8
Exploits: 0 | References: 1

ATTACKERKB
added 2023/11/20 9:15 p.m. | 2 views

CVE-2023-47311

An issue in Yamcs 5.8.6 allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking...

CVSS 6.1 | AI score 6.4 | EPSS 0.00419
Exploits: 1 | References: 2

NVD
added 2023/11/20 9:15 p.m. | 12 views

CVE-2023-47311

An issue in Yamcs 5.8.6 allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking...

CVSS 6.1 | EPSS 0.00419
Exploits: 1 | References: 1

Prion
added 2023/11/20 9:15 p.m. | 13 views

Stack overflow

An issue in Yamcs 5.8.6 allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking...

CVSS 5.8 | AI score 7.2 | EPSS 0.00419
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2023/11/20 12:0 a.m. | 17 views

CVE-2023-47311

An issue in Yamcs 5.8.6 allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking...

AI score 6.5 | EPSS 0.00419
Exploits: 1 | References: 1

Positive Technologies
added 2023/11/20 12:0 a.m. | 3 views

PT-2023-30408 · Yamcs · Yamcs

Name of the Vulnerable Software and Affected Versions: Yamcs version 5.8.6 Description: An issue in Yamcs allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking. Recommendations: For Yamcs version 5.8.6, at the moment, there is no information about a newer version tha...

CVSS 6.1 | AI score 6.3 | EPSS 0.00419
Exploits: 1 | References: 3

CNNVD
added 2023/11/20 12:0 a.m. | 3 views

Yamcs Security Vulnerabilities

Yamcs is an open source software framework from Yamcs Open Source. It is used to command and control spacecraft, satellites, payloads, ground stations and ground equipment. A security vulnerability exists in Space Applications Services Yamcs version 5.8.6, which originated from a vulnerability th...

CVSS 6.1 | AI score 7.4 | EPSS 0.00419
Exploits: 1 | References: 2

CVE
added 2023/11/20 12:0 a.m. | 33 views

CVE-2023-47311

CVE-2023-47311 affects Yamcs 5.8.6. The issue allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking. Affected component is Yamcs’ Command Stack handling; root cause is described as a clickjacking path that enables issuance of unauthorized commands. Documented impact ...

CVSS 6.1 | AI score 6.3 | EPSS 0.00419
Exploits: 1 | References: 1 | Affected Software: 1

Patchstack
added 2023/11/15 12:0 a.m. | 13 views

WordPress Jetpack Plugin < 12.7 is vulnerable to Clickjacking

Software: Jetpack | Type: Plugin | Vulnerable versions: 12.7 | Fixed in: 12.7 | OWASP Top 10: A3: Injection | Classification: Clickjacking | CVE: CVE-2023-47774 | Patch priority: Low | CVSS severity: Low 5.4 | Developer: Claim ownership | PSID: 18fefcc21cac | Credits: Rafie Muhammad Patchstack | Required privilege: Contributor...

CVSS 5.4 | AI score 6.8 | EPSS 0.00272
Exploits: 0 | References: 2 | Affected Software: 1

RedHat Linux
added 2023/11/14 3:25 p.m. | 4 views

webkitgtk: Visiting a malicious website may lead to address bar spoofing.

A vulnerability was found in WebKitGTK. This flaw occurs due to an issue in the component URL Handler, which allows a remote attacker to manipulate an unknown input that can lead to clickjacking...

CVSS 4.3 | AI score 5.7 | EPSS 0.00578
Exploits: 0 | References: 5

Ubuntu
added 2023/11/14 4:26 a.m. | 54 views

USN-6456-2: Firefox regressions

USN-6456-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

AI score 7.8
Exploits: 0 | References: 1

OSV
added 2023/11/07 8:15 p.m. | 4 views

CVE-2023-4956

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerab...

CVSS 4.3 | AI score 5.7 | EPSS 0.00479
Exploits: 0 | References: 2

NVD
added 2023/11/07 8:15 p.m. | 19 views

CVE-2023-4956

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerab...

CVSS 6.5 | EPSS 0.00479
Exploits: 0 | References: 2

Prion
added 2023/11/07 8:15 p.m. | 18 views

Design/Logic Flaw

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerab...

CVSS 4.3 | AI score 6.9 | EPSS 0.00479
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2023/11/07 7:12 p.m. | 20 views

CVE-2023-4956 Quay: clickjacking on config-editor page severity

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerab...

CVSS 6.5 | AI score 6.5 | EPSS 0.00479
Exploits: 0 | References: 2

CVE
added 2023/11/07 7:12 p.m. | 85 views

CVE-2023-4956

CVE-2023-4956 describes a clickjacking vulnerability in Red Hat Quay, where the config-editor page can be framed to trick an administrator into clicking UI controls, potentially reconfiguring parts of the Quay instance. Affected: Quay (config-editor). Root cause: improper framing protection enabl...

CVSS 6.5 | AI score 4.7 | EPSS 0.00479
Exploits: 0 | References: 2 | Affected Software: 1

RedHat Linux
added 2023/11/07 8:48 a.m. | 6 views

webkitgtk: Visiting a malicious website may lead to address bar spoofing.

A vulnerability was found in WebKitGTK. This flaw occurs due to an issue in the component URL Handler, which allows a remote attacker to manipulate an unknown input that can lead to clickjacking...

CVSS 4.3 | AI score 5.7 | EPSS 0.00578
Exploits: 0 | References: 5