Lucene search
K

313 matches found

RedHat Linux
RedHat Linux
added 2024/02/26 12:29 a.m.66 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.1CVSS7AI score0.00937EPSS
Exploits1References9
AlmaLinux
AlmaLinux
added 2024/02/26 12:0 a.m.55 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.8.0. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofed on another site CVE-2024-1547 Mozilla: Memory...

8.1CVSS8AI score0.00937EPSS
Exploits1References18
AlmaLinux
AlmaLinux
added 2024/02/26 12:0 a.m.70 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.8.0 ESR. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofe...

8.1CVSS8.1AI score0.00937EPSS
Exploits1References18
OSV
OSV
added 2024/02/26 12:0 a.m.43 views

ALSA-2024:0964 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.8.0. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofed on another site CVE-2024-1547 Mozilla: Memory...

8.1CVSS8.4AI score0.00937EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2024/02/26 12:0 a.m.25 views

Fedora 39 : thunderbird (2024-81863a1613)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-81863a1613 advisory. Update to 115.8.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/ https://www.thunderbird.net/en-US/thunderbird/115.8.0/releasenotes/...

8.1CVSS7.3AI score0.00937EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/02/26 12:0 a.m.40 views

RHEL 9 : thunderbird (RHSA-2024:0984)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0984 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.8.0. Security Fixes: Mozilla:...

8.1CVSS7.6AI score0.00937EPSS
Exploits1References18
OSV
OSV
added 2024/02/23 7:1 p.m.6 views

SUSE-SU-2024:0608-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 115.8 bsc1220048: - CVE-2024-1546: Out-of-bounds memory read in networking channels - CVE-2024-1547: Alert dialog could have been spoofed on another site - CVE-2024-1548: Fullscreen Notification could have been...

8.1CVSS7.3AI score0.00937EPSS
Exploits1References10
OSV
OSV
added 2024/02/23 7:1 p.m.10 views

SUSE-SU-2024:0607-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.8.0 ESR MFSA 2024-06 bsc1220048: - CVE-2024-1546: Out-of-bounds memory read in networking channels - CVE-2024-1547: Alert dialog could have been spoofed on another site - CVE-2024-1548:...

8.1CVSS7.4AI score0.00937EPSS
Exploits1References11
AlmaLinux
AlmaLinux
added 2024/02/22 12:0 a.m.41 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.8.0 ESR. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofe...

8.1CVSS8.1AI score0.00937EPSS
Exploits1References18
OSV
OSV
added 2024/02/22 12:0 a.m.28 views

ALSA-2024:0952 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.8.0 ESR. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofe...

8.1CVSS8.4AI score0.00937EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2024/02/22 12:0 a.m.22 views

RHEL 9 : firefox (RHSA-2024:0952)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0952 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.1CVSS7.6AI score0.00937EPSS
Exploits1References18
RedhatCVE
RedhatCVE
added 2024/02/21 4:46 p.m.43 views

CVE-2024-1551

The Mozilla Foundation Security Advisory describes this flaw as: Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie respon...

6.1CVSS7.2AI score0.00743EPSS
Exploits1References5
OSV
OSV
added 2024/02/21 11:57 a.m.8 views

SUSE-SU-2024:0580-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.8.0 ESR MFSA 2024-06 bsc1220048: - CVE-2024-1546: Out-of-bounds memory read in networking channels - CVE-2024-1547: Alert dialog could have been spoofed on another site - CVE-2024-1548:...

8.1CVSS7.4AI score0.00937EPSS
Exploits1References11
CVE
CVE
added 2024/02/20 1:21 p.m.6825 views

CVE-2024-1551

The CVE-2024-1551 issue is a header-injection vulnerability in Set-Cookie handling within multipart HTTP responses. The root cause is that an attacker able to control the Content-Type header and part of the response body could inject Set-Cookie headers that the browser would honor. Affected produ...

6.1CVSS7.5AI score0.00743EPSS
Exploits1References6Affected Software2
AlpineLinux
AlpineLinux
added 2024/02/20 1:21 p.m.36 views

CVE-2024-1551

Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This...

6.1CVSS7.8AI score0.00743EPSS
Exploits1
GithubExploit
GithubExploit
added 2024/01/31 3:0 p.m.495 views

Exploit for Cross-Site Request Forgery (CSRF) in Moxa Iologik_E1210_Firmware

This repository contains a Python script and a nuclei template d...

8.8CVSS8.7AI score0.00373EPSS
Exploits1
Prion
Prion
added 2023/08/03 10:15 p.m.21 views

Input validation

A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious...

5CVSS5.4AI score0.00476EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/08/03 9:16 p.m.82 views

CVE-2023-20215

CVE-2023-20215 affects Cisco AsyncOS for Cisco Secure Web Appliance. The vulnerability lies in the scanning engines’ handling of certain content-encodings (deflate, and by default lzma/brotli in some cases), enabling an unauthenticated, remote attacker to bypass an explicit block rule and cause t...

5.8CVSS5.4AI score0.00476EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2023/08/02 4:0 p.m.40 views

Cisco Secure Web Appliance Content Encoding Filter Bypass Vulnerability

A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious...

5.8CVSS5.6AI score0.00476EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/07/07 12:55 p.m.36 views

Mastodon Social Network Patches Critical Flaws Allowing Server Takeover

Mastodon, a popular decentralized social network, has released a security update to fix critical vulnerabilities that could expose millions of users to potential attacks. Mastodon is known for its federated model, consisting of thousands of separate servers called "instances," and it has over 14...

7.7AI score0.4011EPSS
Exploits0
Rows per page
Query Builder