RHEL 9 : firefox (RHSA-2023:1786)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1786 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 9 : firefox (RHSA-2023:1785)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1785 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 8 : firefox (RHSA-2023:1787)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1787 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 7 : firefox (RHSA-2023:1791)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1791 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 8 : firefox (RHSA-2023:1789)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1789 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

CVE-2023-29536

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...

CVE-2023-29535

The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...

CVE-2023-29531

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. This bug only affects Firefox for macOS. Other operating systems are unaffected...

CVE-2023-29544

If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

CVE-2023-29535

Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for Android 112, and...

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-101-01)

The version of mozilla-firefox installed on the remote host is prior to 102.10.0esr / 112.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-101-01 advisory. - Unexpected data returned from the Safe Browsing API could have led to memory corruption and a...

CVE-2023-29536

An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for...

CVE-2023-29543

An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2023:1819-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1819-1 advisory. - Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This...

Mozilla Firefox < 112.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 112.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-13 advisory. - Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported...

Siemens SIPROTEC 5 Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SCALANCE X-200IRT Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SCALANCE XCM332

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...

Security Vulnerabilities fixed in Thunderbird 102.10 — Mozilla

An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.This bug only affects Thunderbird for macOS. Other operating systems are unaffected. A local attacker can trick the Mozilla Maintenance Service into...

PT-2023-9948 · Unknown · Hd Flv Player Plugin

Name of the Vulnerable Software and Affected Versions: HD FLV Player Plugin versions up to 1.7 Description: A critical issue has been found in the HD FLV Player Plugin, affecting the function hd add media/hd update media of the file functions.php. The manipulation of the argument name leads to SQ...