Astra Linux - уязвимость в firefox, thunderbird

An attacker who enumerated resources from the WebCompat extension could obtain a persistent UUID that identified the browser. This UUID could be used to switch between container-based modes and normal/private browsing mode, but not profiles. This vulnerability has been fixed in Firefox 140, Firef...

EUVD-2021-30816

Malicious code in bioql PyPI...

PentestMCP: A Toolkit for Agentic Penetration Testing

Agentic AI is transforming security by automating many tasks being performed manually. While initial agentic approaches employed a monolithic architecture, the Model-Context-Protocol has now enabled a remote-procedure call RPC paradigm to agentic applications, allowing for the flexible constructi...

Omnissa Workspace ONE UEM 安全漏洞

Omnissa Workspace ONE UEM is an endpoint management platform from Omnissa USA. A security vulnerability exists in Omnissa Workspace ONE UEM that stems from server-side request forgery and could lead to internal network resource enumeration...

CVE-2025-53709

Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service only installed on a small number of environments. Under specific circumstances, privileged users of secure-upload could have selected email templates not necessarily...

Amazon Linux 2 : firefox (ALASFIREFOX-2025-040)

The version of firefox installed on the remote host is prior to 128.12.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2025-040 advisory. A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox o...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser and persisted between containers and...

Mozilla Firefox ESR < 128.12

The version of Firefox ESR installed on the remote Windows host is prior to 128.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-53 advisory. - The executable file warning did not warn users before opening files with the terminal extension. This bug only...

CVE-2020-11453

Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality exposed through the path /MicroStrategyWS/. The functionality requires no authentication and, while it is not possible to pass parameters in the SSRF request, it is still possible to exploit ...

First logon of the day for any user takes extra time to enumerate resources

First logon of the day for any user takes extra time to enumerate the Applications\Desktop. Subsequent logon for the same user is quick...

Delay in adding a store in Citrix Workspace 2203 and higher

Citrix Workspace App delays in adding the Store and enumerating resources when done manually or using a policy. This can also be seen with SSON being used with CWA...

Delay with enumerating resources after logging in to Citrix Workspace App during first login

In an isolated environment where there is no access to external sites ,there is delay when adding account/store in Workspace App...

CVE-2019-19030

Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enumeration because unauthenticated API calls reveal via the HTTP status code whether a resource exists...

Code injection

Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enumeration because unauthenticated API calls reveal via the HTTP status code whether a resource exists...