19 matches found
Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox
🔐 PDFGuardian Pro - Advanced PDF.js Security Fortification Fra...
EUVD-2010-3747
Malware in sbrugna...
EUVD-2022-43125
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2010-3768
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate...
CVE-2024-25117 php-svg-lib lacks path validation on font through SVG inline styles
php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR URL, which might lead to RCE on PHP 8.0, and doesn't validate if external references are allowed. This might lead to bypass...
CVE-2024-25117 php-svg-lib lacks path validation on font through SVG inline styles
php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR URL, which might lead to RCE on PHP 8.0, and doesn't validate if external references are allowed. This might lead to bypass...
SUSE CVE-2010-3768
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via...
grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow
A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...
Ring 0 Army Knife: r0ak
r0ak is a Windows command-line utility that enables you to easily read, write, and execute kernel-mode code (with some limitations) from the command prompt, without requiring anything else other than Administrator privileges. Motivation: The Windows kernel is a rich environment in which hundreds of...
FreeBSD Integer Overflow Vulnerability
FreeBSD is a set of free Unix-like operating systems from the FreeBSD project, headed by the Core Team, and is an important branch of Unix-like systems that have evolved through BSD, 386BSD, and 4.4BSD. An integer overflow vulnerability exists in FreeBSD, which stems from the program's failure...
CVE-2018-6917
Removed by vendor...
Mozilla Products Multiple Vulnerabilities dec-10 (Windows)
The host is installed with Mozilla Firefox/Seamonkey/Thunderbird that are prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultvulnwindec10.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products Multiple Vulnerabilities dec-10 Windows Authors: Madhuri D Copyright:...
CVE-2010-3768
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via...
Code injection
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via...
CVE-2010-3768
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via...
CVE-2010-3768
CVE-2010-3768 affects Mozilla Firefox (before 3.5.16 and 3.6.x before 3.6.13), Thunderbird (before 3.0.11 and 3.1.x before 3.1.7), and SeaMonkey (before 2.0.11). The issue stems from improper validation of downloadable fonts in the OS font implementation, enabling remote code execution via vector...
CVE-2010-2741
The OpenType Font OTF format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 performs an incorrect integer calculation during font processing, which allows local users to gain privileges via a crafted application, aka "OpenType Font Validation Vulnerability."...
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code execution
Debian Security Advisory DSA-1548-1 http://www.debian.org/security/ Devin Carraway April 17, 2008 http://www.debian.org/security/faq ...
Debian DSA-1466-1 : xorg-server - several vulnerabilities
The X.org fix for CVE-2007-6429 introduced a regression in the MIT-SHM extension, which prevented the start of a few applications. This update provides updated packages for the xfree86 version included in Debian old stable sarge in addition to the fixed packages for Debian stable etch, which were...