9454 matches found
Rockwell Automation ControlLogix and GuardLogix
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : ControlLogix, GuardLogix Vulnerability : Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of...
Mitsubishi Electric FA Engineering Software Products (Update D)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : EZSocket, FR Configurator2, GT Designer3 Version1GOT1000, GT Designer3 Version1GOT2000, GX Works2, GX Works3, MELSOFT Navigator, MT Works2, MX Component, MX...
RHEL 8 : firefox (RHSA-2024:0596)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0596 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 7 : thunderbird (RHSA-2024:0601)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0601 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.7.0. Security Fixes: Mozilla:...
RHEL 8 : firefox (RHSA-2024:0622)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0622 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 8 : thunderbird (RHSA-2024:0565)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0565 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.7.0. Security Fixes: Mozilla:...
RHEL 9 : firefox (RHSA-2024:0604)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0604 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 9 : thunderbird (RHSA-2024:0616)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0616 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.7.0. Security Fixes: Mozilla:...
Fatal Error Notify < 1.5.3 - Subscriber+ Test Error Email Sending
Description The plugin does not have authorisation and CSRF checks in its testerror AJAX action, allowing any authenticated users, such as subscriber to call it and spam the admin email address with error messages. The issue is also exploitable via CSRF PoC As a subscriber, open...
RHEL 7 : firefox (RHSA-2024:0600)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0600 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Oracle Business Intelligence Enterprise Edition (January 2024 CPU)
The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of...
Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6610-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6610-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially explo...
CVE-2024-0752
A use-after-free crash can occur on a macOS if a Firefox update is applied on a busy system. This flaw can result in an exploitable crash...
CVE-2024-0743
The Mozilla Foundation Security Advisory describes this flaw as: An unchecked return value in TLS handshake code could have caused a potentially exploitable crash...
CVE-2024-0745
A stack buffer overflow flaw was found in Firefox in the WebAudio OscillatorNode object. This flaw can lead to a potentially exploitable crash...
CVE-2024-0741
The Mozilla Foundation Security Advisory describes this flaw as: An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash...
CVE-2023-40547
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...
SystemK NVR 504/508/516
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : SystemK Equipment : NVR 504/508/516 Vulnerability : Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker...
Debian dla-3720 : thunderbird - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3720 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3720-1 [email protected]...
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2024:0211-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0211-1 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This...