18 matches found
EUVD-2023-31871
Malicious code in bioql PyPI...
August 6, 2024, update for Access 2016 (KB5002589)
August 6, 2024, update for Access 2016 KB5002589 This article describes update 5002589 for Microsoft Access 2016 that was released on August 6, 2024.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to...
CVE-2023-28163
When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.. This vulnerabilit...
CVE-2023-28163
When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.. This vulnerabilit...
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 102.9ESR) have affected APM Synthetic Playback Agent
Summary APM Synthetic Playback Agent is vulnerable to Firefox ESR CVE-2023-28163, CVE-2023-25752, CVE-2023-28164, CVE-2023-28162, CVE-2023-25751. Firefox ESR is used by APM Synthetic Playback Agent for running the selenium scripts. The fix includes support for Firefox 102.9 ESR. Vulnerability...
Mozilla Thunderbird Security Advisory (MFSA2023-15) - Mac OS X
Thunderbird is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird on Windows operating systems is related to insufficient protection of sensitive data. This vulnerability allows attackers to compromise the confidentiality and integrity of protected information.
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird on Windows operating systems is related to insufficient protection of sensitive data during the processing of save requests through the “Save As” dialog box. Exploiting this vulnerability can allow an attacker to...
Amazon Linux 2 : thunderbird (ALAS-2023-1988)
The version of thunderbird installed on the remote host is prior to 102.9.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1988 advisory. The Mozilla Foundation describes this issue as follows: Sometimes, when invalidating JIT code while following an...
SUSE SLED15: MozillaFirefox / MozillaFirefox-branding-upstream / etc (SUSE-SU-2023:0835-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0835-1 advisory. Update to version 102.9.0 ESR bsc1209173: - CVE-2023-28159: Fullscreen Notification could have...
SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2023:0763-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0763-1 advisory. Update to version 102.9.0 ESR bsc1209173: - CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on...
SUSE CVE-2023-28163
When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.. This vulnerabilit...
Mozilla Thunderbird < 102.9
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 102.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-11 advisory. - Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety...
Mozilla Thunderbird < 102.9
The version of Thunderbird installed on the remote Windows host is prior to 102.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-11 advisory. - Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs...
Security Vulnerabilities fixed in Firefox ESR 102.9 — Mozilla
Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website...
KLA48551 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in JIT...
Akamai Download Manager Arbitrary Download / Execution
------------------------------------------------------------------------ Akamai Download Manager arbitrary file download & execution ------------------------------------------------------------------------ Yorick Koster, April 2009...
Design/Logic Flaw
Genius VideoCAM NB Driver does not drop privileges when saving files, which allows local users to gain privileges by opening arbitrary files via the "save as" dialog...
CVE-2006-1484
Genius VideoCAM NB Driver is affected by a local privilege escalation where privileges are not dropped when saving files. The vulnerability enables local users to gain higher privileges by opening arbitrary files through the driver’s save-as dialog. Affected component is the Genius VideoCAM NB Dr...