335 matches found
firefox: thunderbird: Confusing display of origin for external protocol handler prompt
The Mozilla Foundation's Security Advisory: The origin of an external protocol handler prompt could be obscured using a data: URL within an iframe...
firefox: thunderbird: Confusing display of origin for external protocol handler prompt
The Mozilla Foundation's Security Advisory: The origin of an external protocol handler prompt could be obscured using a data: URL within an iframe...
firefox: thunderbird: Confusing display of origin for external protocol handler prompt
The Mozilla Foundation's Security Advisory: The origin of an external protocol handler prompt could be obscured using a data: URL within an iframe...
firefox: thunderbird: Confusing display of origin for external protocol handler prompt
The Mozilla Foundation's Security Advisory: The origin of an external protocol handler prompt could be obscured using a data: URL within an iframe...
SUSE CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...
CVE-2024-10460
The Mozilla Foundation's Security Advisory: The origin of an external protocol handler prompt could be obscured using a data: URL within an iframe...
CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...
CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...
CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...
CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...
CVE-2024-10460
The CVE-2024-10460 issue is a data: URL-based spoofing vulnerability in an iframe that obscures the origin of an external protocol handler prompt. Affected: Firefox <132, Firefox ESR <128.4, Thunderbird <128.4, and Thunderbird
CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...
CVE-2024-10460
The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...
Mozilla Firefox < 132.0
The version of Firefox installed on the remote Windows host is prior to 132.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-55 advisory. - Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidenc...
Mozilla Firefox < 132.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 132.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-55 advisory. - Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs show...
RLSA-2024:6147 Moderate: nodejs:18 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: node-tar: denial of service while parsing a tar file due to lack of folders depth validation CVE-2024-28863 nodejs: Bypass network import...
Rocky Linux 9 : nodejs:20 (RLSA-2024:5815)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5815 advisory. nodejs: Bypass network import restriction via data URL CVE-2024-22020 nodejs: fs.lstat bypasses permission model CVE-2024-22018 nodejs: fs.fchown/fchmod...
Rocky Linux 9 : nodejs:18 (RLSA-2024:6147)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:6147 advisory. node-tar: denial of service while parsing a tar file due to lack of folders depth validation CVE-2024-28863 nodejs: Bypass network import restriction vi...
Rocky Linux 8 : nodejs:18 (RLSA-2024:6148)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:6148 advisory. node-tar: denial of service while parsing a tar file due to lack of folders depth validation CVE-2024-28863 nodejs: Bypass network import restriction vi...
Moderate: Red Hat Security Advisory: nodejs:18 security update
An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...