9454 matches found
Debian DSA-5485-1 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5485 advisory. - When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in IPC ColorPickerShownCallback
The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...
Mozilla: Memory corruption in IPC CanvasTranslator
The Mozilla Foundation Security Advisory describes this flaw as: When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in IPC CanvasTranslator
The Mozilla Foundation Security Advisory describes this flaw as: When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash...
Mozilla: Memory corruption in IPC ColorPickerShownCallback
The Mozilla Foundation Security Advisory describes this flaw as: When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in IPC CanvasTranslator
The Mozilla Foundation Security Advisory describes this flaw as: When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash...
Mozilla: Memory corruption in JIT UpdateRegExpStatics
The Mozilla Foundation Security Advisory describes this flaw as: When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash...
Mozilla: Memory corruption in IPC CanvasTranslator
The Mozilla Foundation Security Advisory describes this flaw as: When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash...
Fedora 38 : firefox (2023-c679c55cf8)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c679c55cf8 advisory. - New upstream version 117.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
ARDEREG Sistemas SCADA
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ARDEREG Equipment: Sistemas SCADA Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to manipulate SQL query logic to extract...
PTC Kepware KepServerEX (Update A)
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : PTC Equipment : Kepware KepServerEX Vulnerabilities : Uncontrolled Search Path Element, Improper Input Validation, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of...
Digi RealPort Protocol
1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely Vendor: Digi International, Inc. Equipment: Digi RealPort Protocol Vulnerability: Use of Password Hash Instead of Password for Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow the...