CVE-2024-11698

A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click...

CVE-2024-11697

When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...

CVE-2024-11698

A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click...

UBUNTU-CVE-2024-11698

A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click...

CVE-2024-11698

CVE-2024-11698 is a macOS-specific fullscreen lock-up in Firefox/Thunderbird when a modal dialog interrupts a fullscreen transition. Affected products are Firefox and Thunderbird desktop releases older than Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird ESR 128.5. The issue can ...

CVE-2024-11698

A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click...

CVE-2024-11697

When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...

CVE-2024-11697

When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...

CVE-2024-11697

When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox 133, Firefox ESR 128.5, Thunderbird 133, and Thunderbird 128.5...

CVE-2024-11697

The CVE-2024-11697 entry concerns Mozilla Firefox and Thunderbird and involves improper handling of keypresses in the Executable File Confirmation dialog. Affected versions are Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. A code...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. A denia...

The vulnerability of the Mozilla Firefox browser on Android operating systems involves a false representation of critical information to the user’s interface, allowing attackers to perform spear-phishing attacks.

The vulnerability of the Mozilla Firefox browser on Android operating systems is related to incomplete display of file names in the download dialog window. Exploiting this vulnerability allows a remote attacker to perform spearishing attacks...

PYSEC-2024-201

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.2 contain reflected XSS vulnerabilities in the login dialog and the standalone application key confirmation dialog. An attacker who successfully talked a victim into clicking on...

CVE-2024-49377 Jinja2 Templates are vulnerable to XSS attacks due to their configuration in OctoPrint

OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.2 contain reflected XSS vulnerabilities in the login dialog and the standalone application key confirmation dialog. An attacker who successfully talked a victim into clicking on...

PT-2024-33491 · Octoprint · Octoprint

Name of the Vulnerable Software and Affected Versions: OctoPrint versions up to and including 1.10.2 Description: OctoPrint provides a web interface for controlling consumer 3D printers. The software contains reflected XSS vulnerabilities in the login dialog and the standalone application key...

October 24, 2024—KB5044384 (OS Build 26100.2161) Preview

October 24, 2024—KB5044384 OS Build 26100.2161 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 24H2, see its update history page. Note Follow @WindowsUpdate to...

Unspecified Vulnerability in Mozilla Firefox (CNVD-2024-44471)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 131, which stems from the fact that a specially crafted filename containing a large number of spaces may obscure the file's...

Znuny 安全漏洞

Znuny is a work order system from Znuny, Inc. A security vulnerability exists in Znuny versions 6.5.1 through 6.5.10, 7.0.1 through 7.0.16, and 6.0, which stems from a cross-site scripting vulnerability in which JavaScript code in the short description of the SLA field in the Activity dialog box...

ROS-20241009-02

A vulnerability exists in Firefox ESR and Firefox due to a type error when searching for a property name in the "with" block. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Firefox browser vulnerability, Firefox ESR vulnerability is related to...