Amazon Linux 2 : firefox (ALASFIREFOX-2023-017)

The version of firefox installed on the remote host is prior to 115.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-017 advisory. A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportu...

Microsoft Edge (Chromium) < 118.0.2088.109 / 119.0.2151.72 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 118.0.2088.109 / 119.0.2151.72. It is, therefore, affected by multiple vulnerabilities as referenced in the November 16, 2023 advisory. - Microsoft Edge Chromium-based Remote Code Execution Vulnerability CVE-2023-36008...

CVE-2023-5997

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2023-5997

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2023-5997

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2023-5997

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2023-5997

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2023-5997

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2023-5997

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2023-5997

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Stable Channel Update for Desktop

The Stable channel has been updated to 119.0.6045.159 for Mac and Linux and 119.0.6045.159/.160 for Windows, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Security Fixes and Rewards Note: Access to bug details and links may be kept...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 4 security fixes: 1497997 High CVE-2023-5997: Use after free in Garbage Collection. Reported by Anonymous on 2023-10-31 1499298 High CVE-2023-6112: Use after free in Navigation. Reported by Sergei Glazunov of Google Project Zero on 2023-11-04...

Google Chrome < 119.0.6045.159 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 119.0.6045.159. It is, therefore, affected by multiple vulnerabilities as referenced in the 202311stable-channel-update-for-desktop14 advisory. - Use after free in Navigation in Google Chrome prior to 119.0.6045.159...

PT-2023-7067 · Google +5 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 119.0.6045.159 Microsoft Edge affected versions not specified Description: The issue is related to a use after free in the Garbage Collection component, which can be exploited by a remote attacker to potentiall...

Rocky Linux 9 : firefox (RLSA-2023:6188)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:6188 advisory. - VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. CVE-2023-44488 - It was possible for certain browser prompts an...

kernel: Linux kernel: Denial of Service due to improper io_uring/af_unix file cleanup

A flaw was found in the Linux kernel's iouring/afunix component. A local user could exploit improper handling of registered files during garbage collection. This vulnerability can lead to a memory leak, potentially causing a denial of service DoS on the system...

Fedora 39 : firefox (2023-bbb8d72c6f)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-bbb8d72c6f advisory. This update provides the latest release of Firefox, with an important security fix. We highly recommend you install this update immediately and...

Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash.

The Mozilla Foundation Security Advisory describes this flaw as: During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash...

Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash.

The Mozilla Foundation Security Advisory describes this flaw as: During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash...

Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash.

The Mozilla Foundation Security Advisory describes this flaw as: During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash...