9454 matches found

OSV
added 2023/10/25 6:17 p.m., 1 view

DEBIAN-CVE-2023-5728

During garbage collection extra operations were performed on an object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...

CVSS 7.5, AI score 7.6, EPSS 0.00525
Exploits: 0, References: 1

NVD
added 2023/10/25 6:17 p.m., 18 views

CVE-2023-46650

Jenkins GitHub Plugin 1.37.3 and earlier does not escape the GitHub project URL on the build page when showing changes, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...

CVSS 5.4, AI score 5.9, EPSS 0.0432
Exploits: 0, References: 2

Prion
added 2023/10/25 6:17 p.m., 19 views

Code injection

During garbage collection extra operations were performed on an object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...

CVSS 5, AI score 7.6, EPSS 0.00525
Exploits: 0, References: 8, Affected Software: 4

GithubExploit
added 2023/10/25 7:17 a.m., 139 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Netscaler_Application_Delivery_Controller

CVE-2023-4966-POC: POC for Citrix NetScaler CVE-2023-4966...

CVSS 9.4, AI score 8.8, EPSS 0.94348
Exploits: 15

OSV
added 2023/10/25 12:0 a.m., 0 views

UBUNTU-CVE-2023-5728

During garbage collection extra operations were performed on an object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...

CVSS 7.5, AI score 7.2, EPSS 0.00525
Exploits: 0, References: 11

Tenable Nessus
added 2023/10/25 12:0 a.m., 36 views

Debian DSA-5535-1 : firefox-esr - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5535 advisory. - It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay...

CVSS 9.8, AI score 7.8, EPSS 0.00831
Exploits: 0, References: 16

UbuntuCve
added 2023/10/25 12:0 a.m., 22 views

CVE-2023-5728

During garbage collection extra operations were performed on an object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...

CVSS 7.5, AI score 7.1, EPSS 0.00525
Exploits: 0, References: 10

RedhatCVE
added 2023/10/24 6:28 p.m., 27 views

CVE-2023-5728

The Mozilla Foundation Security Advisory describes this flaw as: During garbage collection extra operations were performed on an object that should not be. This could have led to a potentially exploitable crash...

CVSS 7.5, AI score 6.9, EPSS 0.00525
Exploits: 0, References: 5

Debian CVE
added 2023/10/24 12:47 p.m., 25 views

CVE-2023-5728

During garbage collection extra operations were performed on an object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...

CVSS 7.5, AI score 8.9, EPSS 0.00525
Exploits: 0

OSV
added 2023/10/21 12:15 a.m., 1 view

DEBIAN-CVE-2023-45663

stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not...

CVSS 5.5, AI score 5.5, EPSS 0.00143
Exploits: 0, References: 1

UbuntuCve
added 2023/10/21 12:15 a.m., 20 views

CVE-2023-45663

stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not...

CVSS 5.5, AI score 6, EPSS 0.00143
Exploits: 0, References: 5

Prion
added 2023/10/21 12:15 a.m., 16 views

Design/Logic Flaw

stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not...

CVSS 1.9, AI score 7.2, EPSS 0.00143
Exploits: 0, References: 7, Affected Software: 1

Tenable Nessus
added 2023/10/21 12:0 a.m., 22 views

Ubuntu 16.04 LTS / 18.04 LTS : Firefox vulnerability (USN-4020-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4020-1 advisory. A type confusion bug was discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could exploit this by...

CVSS 8.8, AI score 8.3, EPSS 0.84291
Exploits: 7, References: 2

OSV
added 2023/10/20 11:26 p.m., 4 views

CVE-2023-45663 Disclosure of uninitialized memory in stbi__tga_load in stb_image

stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not...

CVSS 5.3, AI score 5.3, EPSS 0.00143
Exploits: 0, References: 9

Cvelist
added 2023/10/20 11:26 p.m., 11 views

CVE-2023-45663 Disclosure of uninitialized memory in stbi__tga_load in stb_image

stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not...

CVSS 5.3, AI score 7.6, EPSS 0.00143
Exploits: 0, References: 7

RedHat Linux
added 2023/10/20 4:14 p.m., 2 views

HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...

CVSS 7.5, AI score 6.7, EPSS 0.944
Exploits: 19, References: 10

Code423n4
added 2023/10/20 12:0 a.m., 7 views

the function _validateExecutionRequest checks the valid executor account by the address of account given in call data instead of msg.sender which is really easily exploitable

Lines of code Vulnerability details Impact the function validateExecutionRequest checks the valid executor account by the address of account given in call data instead of msg.sender which is really easily exploitable if you look at the function function validateExecutionRequestExecutionRequest...

AI score 7.1
Exploits: 0

RedhatCVE
added 2023/10/19 1:48 p.m., 28 views

CVE-2023-22104

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

CVSS 4.9, AI score 5.5, EPSS 0.0003
Exploits: 0, References: 3

RedhatCVE
added 2023/10/19 1:48 p.m., 30 views

CVE-2023-22103

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 4.9, AI score 5.5, EPSS 0.00074
Exploits: 0, References: 3

RedhatCVE
added 2023/10/19 1:48 p.m., 31 views

CVE-2023-22097

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVSS 4.9, AI score 5.6, EPSS 0.00074
Exploits: 0, References: 3