304 matches found
CVE-2024-4772
An HTTP digest authentication nonce value was generated using rand which could lead to predictable values. This vulnerability affects Firefox 126...
CVE-2024-4772
An HTTP digest authentication nonce value was generated using rand which could lead to predictable values. This vulnerability affects Firefox 126...
CVE-2024-4772
CVE-2024-4772 affects Mozilla Firefox earlier than 126. Root cause: HTTP digest authentication nonce generated with rand(), making nonces potentially predictable. Public sources confirm Firefox 126 and newer fix the issue; affected product is Firefox (desktop/mobile variants in MFSA reference). R...
CVE-2024-4772
An HTTP digest authentication nonce value was generated using rand which could lead to predictable values. This vulnerability affects Firefox 126...
CVE-2024-4772
An HTTP digest authentication nonce value was generated using rand which could lead to predictable values. This vulnerability affects Firefox 126...
Mozilla Firefox < 126.0
The version of Firefox installed on the remote Windows host is prior to 126.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-21 advisory. - Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed...
Mozilla Firefox < 126.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 126.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-21 advisory. - Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs...
Security Vulnerabilities fixed in Firefox 126 — Mozilla
Multiple WebRTC threads could have claimed a newly connected audio input leading to use-after-free. A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. Web application manifests were stored by using an insecure MD5 hash...
openSUSE: Security Advisory for php7 (SUSE-SU-2023:2980-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for squid (SUSE-SU-2023:4380-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
php:8.1 security update
An update is available for php-pecl-zip, module.php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-xdebug3, php-pecl-rrd, module.php-pecl-rrd, module.php-pecl-zip, php-pecl-apcu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...
ALSA-2024:0387 Moderate: php:8.1 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS vulnerability when parsing multipart request body CVE-2023-0662 php: Missing error check and insufficient random bytes...
Moderate: php:8.1 security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: DoS vulnerability when parsing multipart request body CVE-2023-0662 php: Missing error check and insufficient random bytes...
EulerOS 2.0 SP8 : php (EulerOS-SA-2023-3145)
According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, 8.2. before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was no...
[SECURITY] [DLA 3709-1] squid security update
Debian LTS Advisory DLA-3709-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 09, 2024 https://wiki.debian.org/LTS Package : squid Version : 4.6-1+deb10u9 CVE ID : CVE-2023-46846 CVE-2023-46847 CVE-2023-49285 CVE-2023-49286 CVE-2023-50269 Debian Bug :...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2023-3445)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6500-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6500-2: Squid vulnerabilities
USN-6500-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to...
Critical: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Critical: Red Hat Security Advisory: squid security update
An update for squid is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...