15 matches found
USN-8038-1 nginx vulnerability
It was discovered that nginx incorrectly handled proxying to upstream TLS servers. An attacker could possibly use this issue to insert plain text data into the response from an upstream proxied server...
MiracleLinux 8 : thunderbird-91.5.0-1.el8.ML.1 (AXSA:2022-2980:02)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2980:02 advisory. Mozilla: Iframe sandbox bypass with XSLT CVE-2021-4140 Mozilla: Race condition when playing audio files CVE-2022-22737 Mozilla: Heap-buffer-overflow...
EUVD-2010-1240
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2022-22742
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerabili...
ChatGPT's Data Protection Blind Spots and How Security Teams Can Solve Them
In the short time since their inception, ChatGPT and other generative AI platforms have rightfully gained the reputation of ultimate productivity boosters. However, the very same technology that enables rapid production of high-quality text on demand, can at the same time expose sensitive corpora...
DEBIAN-CVE-2022-22742
When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
CLSA-2022-1643639170 Fix CVE(s): CVE-2022-0213, CVE-2022-0261
SECURITY UPDATE: Going over the end of status line buffer - debian/patches/CVE-2022-0213.patch: Check line length when appending a space to NameBuff - CVE-2022-0213 SECURITY UPDATE: Block insert goes over the end of the line - debian/patches/CVE-2022-0261.patch: Handle invalid byte better and fix...
Mozilla: Out-of-bounds memory access when inserting text in edit mode
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When inserting text in edit mode, some characters might have led to out-of-bounds memory access, causing a potentially exploitable crash...
Mozilla: Out-of-bounds memory access when inserting text in edit mode
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When inserting text in edit mode, some characters might have led to out-of-bounds memory access, causing a potentially exploitable crash...
Mozilla: Out-of-bounds memory access when inserting text in edit mode
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When inserting text in edit mode, some characters might have led to out-of-bounds memory access, causing a potentially exploitable crash...
Mozilla: Out-of-bounds memory access when inserting text in edit mode
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When inserting text in edit mode, some characters might have led to out-of-bounds memory access, causing a potentially exploitable crash...
Mozilla Firefox 缓冲区错误漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a buffer error vulnerability that stems from the fact that when inserting text in edit mode, certain characters may result in out-of-bounds memory access, leading to a cras...
CVE-2019-11872
The Hustle aka wordpress-popup plugin 6.0.7 for WordPress is vulnerable to CSV Injection as it allows for injecting malicious code into a pop-up window. Successful exploitation grants an attacker with a right to execute malicious code on the administrator's computer through Excel functions as the...
CVE-2014-0136
The 1 get and 2 log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine CFME 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors...
MyST BlogSite URL Redirect / Information Leakage
=============================== MyST BlogSite | Multiple Vulnerabilities =============================== 1. VULNERABILITY DESCRIPTION -- Issue Title: Arbitrary URL Redirect Component: MyST BlogSite ClickDirector Ref: OWASP - Top 10 - 2010 - A10 Ref-Link:...