313 matches found
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.8.0. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofed on another site CVE-2024-1547 Mozilla: Memory...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.8.0 ESR. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofe...
ALSA-2024:0964 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.8.0. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofed on another site CVE-2024-1547 Mozilla: Memory...
Fedora 39 : thunderbird (2024-81863a1613)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-81863a1613 advisory. Update to 115.8.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/ https://www.thunderbird.net/en-US/thunderbird/115.8.0/releasenotes/...
RHEL 9 : thunderbird (RHSA-2024:0984)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0984 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.8.0. Security Fixes: Mozilla:...
SUSE-SU-2024:0608-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 115.8 bsc1220048: - CVE-2024-1546: Out-of-bounds memory read in networking channels - CVE-2024-1547: Alert dialog could have been spoofed on another site - CVE-2024-1548: Fullscreen Notification could have been...
SUSE-SU-2024:0607-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.8.0 ESR MFSA 2024-06 bsc1220048: - CVE-2024-1546: Out-of-bounds memory read in networking channels - CVE-2024-1547: Alert dialog could have been spoofed on another site - CVE-2024-1548:...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.8.0 ESR. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofe...
ALSA-2024:0952 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.8.0 ESR. Security Fixes: Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofe...
RHEL 9 : firefox (RHSA-2024:0952)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0952 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
CVE-2024-1551
The Mozilla Foundation Security Advisory describes this flaw as: Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie respon...
SUSE-SU-2024:0580-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.8.0 ESR MFSA 2024-06 bsc1220048: - CVE-2024-1546: Out-of-bounds memory read in networking channels - CVE-2024-1547: Alert dialog could have been spoofed on another site - CVE-2024-1548:...
CVE-2024-1551
The CVE-2024-1551 issue is a header-injection vulnerability in Set-Cookie handling within multipart HTTP responses. The root cause is that an attacker able to control the Content-Type header and part of the response body could inject Set-Cookie headers that the browser would honor. Affected produ...
CVE-2024-1551
Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This...
Exploit for Cross-Site Request Forgery (CSRF) in Moxa Iologik_E1210_Firmware
This repository contains a Python script and a nuclei template d...
Input validation
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious...
CVE-2023-20215
CVE-2023-20215 affects Cisco AsyncOS for Cisco Secure Web Appliance. The vulnerability lies in the scanning engines’ handling of certain content-encodings (deflate, and by default lzma/brotli in some cases), enabling an unauthenticated, remote attacker to bypass an explicit block rule and cause t...
Cisco Secure Web Appliance Content Encoding Filter Bypass Vulnerability
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious...
Mastodon Social Network Patches Critical Flaws Allowing Server Takeover
Mastodon, a popular decentralized social network, has released a security update to fix critical vulnerabilities that could expose millions of users to potential attacks. Mastodon is known for its federated model, consisting of thousands of separate servers called "instances," and it has over 14...