CVE-2026-44237

FreePBX is an open source IP PBX. Prior to 17.0.8, the FreePBX api module's OAuth2 implementation does not sufficiently validate client credentials during token issuance. Knowledge of a valid clientid is required. The validateClient method in ClientRepository.php unconditionally returns true,...

EUVD-2026-33300

FreePBX is an open source IP PBX. Prior to 17.0.8, the FreePBX api module's OAuth2 implementation does not sufficiently validate client credentials during token issuance. Knowledge of a valid clientid is required. The validateClient method in ClientRepository.php unconditionally returns true,...

FreePBX api 操作系统命令注入漏洞

FreePBX API is an open-source plugin developed by FreePBX. Versions of the FreePBX API module prior to 17.0.8 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the GraphQL mutation input fields in the initiateGqlAPIProcess function being pass...

Oracle Java SE Security Update (oct2023) 03 - Linux

Oracle Java SE is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sophos XG firewall API Configuration component shell escape vulnerability

Sophos XG firewall is a next-generation endpoint protection and enterprise-class firewall product from Sophos UK.API Configuration is one of the API configuration components. A security vulnerability exists in the /webconsole/APIController of the API Configuration component in Sophos XG firewall...

Sophos XG firewall Admin Portal SQL Injection Vulnerability

Sophos XG firewall is a next-generation endpoint protection and enterprise-class firewall product from Sophos UK.Admin Portal is one of the management portals. A SQL injection vulnerability exists in the AccountStatus.jsp file of Admin Portal in Sophos XG firewall version 17.0.8 MR-8. The...

Sophos XG firewall Admin Portal shell escape vulnerability

Sophos XG firewall is a next-generation endpoint protection and enterprise-class firewall product from Sophos UK.Admin Portal is one of the management portals. A security vulnerability exists in /webconsole/Controller of Admin Portal in Sophos XG firewall version 17.0.8 MR-8. The vulnerability ca...

Mozilla Thunderbird Multiple XSS Vulnerabilities (Feb 2014) - Windows

Mozilla Thunderbird is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Thunderbird < 17.0.8 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 17.0.8 and is, therefore, potentially affected by the following vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701, CVE-2013-1702 - Use-after-free errors exist related to DOM modification when...

Mozilla Thunderbird < 17.0.8 Multiple Vulnerabilities

Binary data 6979.prm...

Mozilla Thunderbird ESR Multiple Vulnerabilities - August 13 (Mac OS X)

The host is installed with Mozilla Thunderbird ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdesrmultvulnaug13macosx.nasl 6079 2017-05-08 09:03:33Z teissa $ Mozilla Thunderbird ESR Multiple Vulnerabilities - August 13 Mac OS X Authors: Thanga...

Mozilla Thunderbird Multiple Vulnerabilities - August 13 (Windows)

The host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdmultvulnaug13win.nasl 6074 2017-05-05 09:03:14Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities - August 13 Windows Authors: Thanga Prakash S Copyrigh...

Mozilla Firefox ESR Multiple Vulnerabilities (Aug 2013) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Firefox ESR 17.x < 17.0.8 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 17.x is earlier than 17.0.8 and is, therefore, potentially affected by the following vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701 - Unspecified errors exist related to HTML frames and history handling,...

Mozilla Thunderbird ESR Multiple Vulnerabilities - August 13 (Windows)

The host is installed with Mozilla Thunderbird ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdesrmultvulnaug13win.nasl 6104 2017-05-11 09:03:48Z teissa $ Mozilla Thunderbird ESR Multiple Vulnerabilities - August 13 Windows Authors: Thanga Prakash...

Important: Red Hat Security Advisory: thunderbird security update

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Visual Studio 2022 version 17.0.8 update

This security update applies to all editions of Visual Studio 2022, and will update client machines on the LTSC channel to version 17.0.8. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update to...