821 matches found
CVE-2024-6612
CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox 128 and Thunderbird 128...
CVE-2024-6612
CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox 128 and Thunderbird 128...
CVE-2024-6612
CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox 128 and Thunderbird 128...
CVE-2024-6612 CSP violation leakage when using devtools
CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox 128 and Thunderbird 128...
CVE-2024-6612
CVE-2024-6612 describes a CSP violation leakage in devtools that caused DNS prefetching to reveal the CSP violation. Credible sources in the provided connected documents show impact on Mozilla Firefox and Thunderbird when running versions older than 128. The vulnerability is an information disclo...
CVE-2024-6612 CSP violation leakage when using devtools
CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox 128 and Thunderbird 128...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S. Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. Mozilla Firefox and Thunderbird have an information disclosure vulnerability that is caused by a CSP violation...
KLA70414 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET and Visual Studio can ...
KLA68912 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Visual Studio can be exploited remotely to gai...
KLA67403 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability can be exploited remotel...
RHEL 6 : chromium-browser (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - chromium-browser: Heap buffer overflow in clipboard CVE-2020-16025 - chromium-browser: Out of bounds writ...
RHEL 8 : OpenShift Developer Tools and Services for OCP 4.12 (RHSA-2023:1064)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1064 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
KLA65508 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft ODBC Driver for SQL Server can be exploited remotely to...
Open Automation Software OAS Platform OAS Engine Tags Configuration file write vulnerability
Talos Vulnerability Report TALOS-2024-1950 Open Automation Software OAS Platform OAS Engine Tags Configuration file write vulnerability April 3, 2024 CVE Number CVE-2024-21870 SUMMARY A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software...
Open Automation Software OAS Platform OAS Engine Save Security Configuration file write vulnerability
Talos Vulnerability Report TALOS-2024-1951 Open Automation Software OAS Platform OAS Engine Save Security Configuration file write vulnerability April 3, 2024 CVE Number CVE-2024-22178 SUMMARY A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open...
KLA65276 OSI vulnerability in Microsoft Developer Tools
An information disclosure vulnerability was found in Microsoft Developer Tools. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2024-29059 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-.NET-Framework...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in several Developer tools. A malicious party could exploit the vulnerabilities to cause a Denial-of-Service or grant himself elevated privileges to granted and thereby potentially execute arbitrary code for which the malicious party is not initially authorized...
KLA65128 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET and Visual Studio can be exploited remotely to...
Fedora: Security Advisory for plexus-containers (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: plexus-resources-1.3.0-4.fc40
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...