Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-325-02)

The version of mozilla-firefox installed on the remote host is prior to 115.5.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-325-02 advisory. - On some systemsdepending on the graphics settings and driversit was possible to force an out-of-bounds read a...

Mozilla Firefox Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox versions prior to 120, Firefox ESR versions prior to 115.5, and Thunderbird versions prior to 115.5.0, which originates from the use of full-screen transitions in the...

Security Vulnerabilities fixed in Firefox ESR 115.5.0 — Mozilla

On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to ...

Security Vulnerabilities fixed in Firefox 120 — Mozilla

On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to ...

Security Vulnerabilities fixed in Thunderbird 115.5 — Mozilla

On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to ...

Mozilla Firefox < 115.5

The version of Firefox installed on the remote Windows host is prior to 115.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-50 advisory. - On some systemsdepending on the graphics settings and driversit was possible to force an out-of-bounds read and leak...

CVE-2023-47311

An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via Clickjacking...

CVE-2023-47311

An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via Clickjacking...

CVE-2023-47311

An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via Clickjacking...

Stack overflow

An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via Clickjacking...

CVE-2023-47311

An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via Clickjacking...

Yamcs Security Vulnerabilities

Yamcs is an open source software framework from Yamcs Open Source. It is used to command and control spacecraft, satellites, payloads, ground stations and ground equipment. A security vulnerability exists in Space Applications Services Yamcs version 5.8.6, which originated from a vulnerability th...

PT-2023-30408 · Yamcs · Yamcs

Name of the Vulnerable Software and Affected Versions: Yamcs version 5.8.6 Description: An issue in Yamcs allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking. Recommendations: For Yamcs version 5.8.6, at the moment, there is no information about a newer version tha...

CVE-2023-47311

CVE-2023-47311 affects Yamcs 5.8.6. The issue allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking. Affected component is Yamcs’ Command Stack handling; root cause is described as a clickjacking path that enables issuance of unauthorized commands. Documented impact ...

WordPress Jetpack Plugin < 12.7 is vulnerable to Clickjacking

Software Jetpack Type Plugin Vulnerable versions 12.7 Fixed in 12.7 OWASP Top 10 A3: Injection Classification Clickjacking CVE CVE-2023-47774 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 18fefcc21cac Credits Rafie Muhammad Patchstack Required privilege Contributor...

webkitgtk: Visiting a malicious website may lead to address bar spoofing.

A vulnerability was found in WebKitGTK. This flaw occurs due to an issue in the component URL Handler, which allows a remote attacker to manipulate an unknown input that can lead to clickjacking...

USN-6456-2: Firefox regressions

USN-6456-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

CVE-2023-4956

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerab...

CVE-2023-4956

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerab...

Design/Logic Flaw

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerab...