Fedora 38 : thunderbird (2024-278a776610)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-278a776610 advisory. Update to 115.7.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-04/ https://www.thunderbird.net/en-US/thunderbird/115.7.0/releasenotes/...

Poisoning AI Models

New research into poisoning AI models: The researchers first trained the AI models using supervised learning and then used additional "safety training" methods, including more supervised learning, reinforcement learning, and adversarial training. After this, they checked if the AI still had hidde...

Denial Of Service (DoS)

org.springframework: spring-core is vulnerable to Denial of Service DoS. The vulnerability is due to the mishandling of specially crafted HTTP requests, which can result in Denial of Service DoS. As a prerequisite, Spring MVC and Spring Security must be on the classpath for this vulnerability to ...

Debian dsa-5605 : thunderbird - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5605 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5605...

Fedora 39 : firefox (2024-14dea9640b)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-14dea9640b advisory. - Updated to new upstream 122.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

CVE-2024-0744

In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox 122...

CVE-2024-0743

An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR 115.9, and Thunderbird 115.9...

UBUNTU-CVE-2024-0744

In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox 122...

Design/Logic Flaw

An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

Code injection

An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox 122...

Code injection

In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox 122...

CVE-2024-0752

A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox 122...

CVE-2024-0744

In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox 122...

CVE-2024-0743

An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR 115.9, and Thunderbird 115.9...

CVE-2024-0744

Vulnerability CVE-2024-0744 affects Mozilla Firefox. A JIT-compiled code path could dereference a wild pointer, potentially causing an exploitable crash in Firefox versions older than 122. Affected products/versions include Firefox

CVE-2024-0743

An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR 115.9, and Thunderbird 115.9...

CVE-2024-0743

An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR 115.9, and Thunderbird 115.9...

CVE-2024-0744

In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox 122...

CVE-2024-0755

Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 122, Firefox ESR...

CVE-2024-0741

An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...