52 matches found
Astra Linux - уязвимость в firefox, thunderbird
By manipulating the text within the tag, an attacker could cause corrupted memory, leading to a potentially exploitable crash. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...
CVE-2026-33499 AVideo has Reflected XSS via unlockPassword Parameter in forbiddenPage.php and warningPage.php
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the view/forbiddenPage.php and view/warningPage.php templates reflect the $REQUEST'unlockPassword' parameter directly into an HTML tag's attributes without any output encoding or sanitization. An attacker can craf...
PT-2026-20847
Name of the Vulnerable Software and Affected Versions SPIP versions prior to 4.4.9 Description SPIP versions before 4.4.9 contain a Cross-Site Scripting XSS issue in the private area. The echappe anti xss function was not consistently applied to input, form, button, and anchor HTML tags, enabling...
DEBIAN-CVE-2026-24476
Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with " prematurely ends the tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue...
CVE-2026-24476
Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with " prematurely ends the tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue...
UBUNTU-CVE-2026-24476
Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with " prematurely ends the tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue...
CVE-2026-24476
Shaarli is a personal bookmarking service. Prior to version 0.16.0, crafting a malicious tag which starting with " prematurely ends the tag on the start page and allows an attacker to add arbitrary html leading to a possible XSS attack. Version 0.16.0 fixes the issue...
Linux Distros Unpatched Vulnerability : CVE-2024-5696
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox...
Fedora 37 : js-jquery-ui (2022-7291b78111)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-7291b78111 advisory. A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to Cross-site scripting XSS attack via the initializatio...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory. This allows an attacker to execute arbitrary code or cause a service failure.
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions using the tag...
USN-6862-1 firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-5689, CVE-2024-5690,...
Mozilla: Memory Corruption in Text Fragments
The Mozilla Foundation Security Advisory describes this flaw as: By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash...
Mozilla: Memory Corruption in Text Fragments
The Mozilla Foundation Security Advisory describes this flaw as: By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash...
Mozilla: Memory Corruption in Text Fragments
The Mozilla Foundation Security Advisory describes this flaw as: By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash...
Mozilla: Memory Corruption in Text Fragments
The Mozilla Foundation Security Advisory describes this flaw as: By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash...
Mozilla: Memory Corruption in Text Fragments
The Mozilla Foundation Security Advisory describes this flaw as: By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash...
Mozilla: Memory Corruption in Text Fragments
The Mozilla Foundation Security Advisory describes this flaw as: By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash...
Mozilla: Memory Corruption in Text Fragments
The Mozilla Foundation Security Advisory describes this flaw as: By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash...
Mozilla: Memory Corruption in Text Fragments
The Mozilla Foundation Security Advisory describes this flaw as: By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash...
Mozilla: Memory Corruption in Text Fragments
The Mozilla Foundation Security Advisory describes this flaw as: By manipulating the text in an tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash...