Lucene search
K

2530 matches found

Google Chrome Security Advisories
Google Chrome Security Advisories
added 2016/03/02 12:0 a.m.45 views

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 49 to the stable channel for Windows, Mac and Linux. Chrome 49.0.2623.75 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new...

10CVSS8.2AI score0.10339EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/02/03 12:0 a.m.28 views

openSUSE Security Update : seamonkey (openSUSE-2016-126) (SLOTH)

SeaMonkey was updated to 2.40 boo959277 to fix security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature - CVE-2015-7201/CVE-2015-7202: Miscellaneous memory safety hazards - CVE-2015-7204: Cra...

10CVSS7.9AI score0.06058EPSS
Exploits1References23
Tenable Nessus
Tenable Nessus
added 2016/02/03 12:0 a.m.44 views

openSUSE Security Update : SeaMonkey (openSUSE-2016-129) (SLOTH)

This update for SeaMonkey fixes the following issues : - update to SeaMonkey 2.40 bnc959277 - requires NSS 3.20.2 to fix MFSA 2015-150/CVE-2015-7575 bmo1158489 MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature - MFSA 2015-134/CVE-2015-7201/CVE-2015-7202 Miscellaneous...

10CVSS7.5AI score0.06058EPSS
Exploits1References43
Tenable Nessus
Tenable Nessus
added 2016/01/04 12:0 a.m.39 views

openSUSE Security Update : Mozilla Thunderbird (openSUSE-2015-977)

Mozilla Thunderbird was updated to 38.5.0 to fix multiple security issues. The following vulnerabilities were fixed: boo959277 - CVE-2015-7201: Miscellaneous memory safety hazards - CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after being destroyed - CVE-2015-7212: Integer...

10CVSS8AI score0.06058EPSS
Exploits1References8
OPENSUSE Linux
OPENSUSE Linux
added 2015/12/31 7:13 p.m.48 views

Security update for Mozilla Thunderbird (important)

Mozilla Thunderbird was updated to 38.5.0 to fix multiple security issues. The following vulnerabilities were fixed: boo959277 CVE-2015-7201: Miscellaneous memory safety hazards CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after being destroyed CVE-2015-7212: Integer overflow...

10CVSS2.1AI score0.06058EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2015/12/28 5:10 p.m.51 views

Security update for xulrunner (important)

Xulrunner was updated to 38.5.0 to fix several security issues. The following vulnerabilities were fixed boo959277: CVE-2015-7201: Miscellaneous memory safety hazards CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after being destroyed CVE-2015-7212: Integer overflow allocating...

10CVSS2.3AI score0.06058EPSS
Exploits1References1
OSV
OSV
added 2015/12/21 4:21 p.m.9 views

SUSE-SU-2015:2334-1 Security update for MozillaFirefox

MozillaFirefox was updated to version 38.5.0 esr to fix the following issues: Following security issues were fixed: MFSA 2015-134/CVE-2015-7201/CVE-2015-7202 Miscellaneous memory safety hazards rv:43.0 / rv:38.5 MFSA 2015-138/CVE-2015-7210 Use-after-free in WebRTC when datachannel is used after...

10CVSS7.4AI score0.06058EPSS
Exploits1References10
Mageia
Mageia
added 2015/12/16 9:1 p.m.48 views

Updated firefox packages fix security vulnerabilities

Updated firefox packages fix security vulnerabilities: Multiple memory safety issues in Firefox were discovered. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary...

10CVSS8.7AI score0.06058EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2015/12/16 6:20 p.m.5 views

Mozilla: Use-after-free in WebRTC when datachannel is used after being destroyed (MFSA 2015-138)

Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function...

7.5CVSS7.7AI score0.04309EPSS
Exploits0References5
NVD
NVD
added 2015/12/16 11:59 a.m.21 views

CVE-2015-7210

Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function...

7.5CVSS6.2AI score0.04309EPSS
Exploits0References19
NVD
NVD
added 2015/12/16 11:59 a.m.21 views

CVE-2015-7205

Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP...

10CVSS6.4AI score0.03237EPSS
Exploits0References22
Prion
Prion
added 2015/12/16 11:59 a.m.27 views

Integer overflow

Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP...

10CVSS8AI score0.03237EPSS
Exploits0References22Affected Software5
Prion
Prion
added 2015/12/16 11:59 a.m.22 views

Design/Logic Flaw

Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function...

7.5CVSS7.9AI score0.04309EPSS
Exploits0References19Affected Software5
Cvelist
Cvelist
added 2015/12/16 11:0 a.m.22 views

CVE-2015-7210

Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function...

8AI score0.04309EPSS
Exploits0References19
CVE
CVE
added 2015/12/16 11:0 a.m.157 views

CVE-2015-7205

CVE-2015-7205 details : In Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5, an integer underflow in RTPReceiverVideo::ParseRtpPacket can be triggered by a crafted WebRTC RTP packet, potentially exposing sensitive information, causing a denial of service, or other unspecified impacts....

10CVSS7.9AI score0.03237EPSS
Exploits0References22Affected Software1
CVE
CVE
added 2015/12/16 11:0 a.m.138 views

CVE-2015-7210

CVE-2015-7210 is a use-after-free in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5, allowing remote code execution by triggering use of a data channel closed by WebRTC. Affected component is the browser WebRTC data channel handling; root cause is use-after-free memory safety issue....

7.5CVSS7.9AI score0.04309EPSS
Exploits0References19Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/12/16 12:0 a.m.41 views

Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2833-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2833-1 advisory. Andrei Vaida, Jesse Ruderman, Bob Clary, Christian Holler, Jesse Ruderman, Eric Rahm, Robert Kaiser, Harald Kirschner, and Michael Henretty discovered...

10CVSS8.2AI score0.06058EPSS
Exploits1References22
Tenable Nessus
Tenable Nessus
added 2015/12/16 12:0 a.m.35 views

FreeBSD : mozilla -- multiple vulnerabilities (2c2d1c39-1396-459a-91f5-ca03ee7c64c6)

The Mozilla Project reports : MFSA 2015-134 Miscellaneous memory safety hazards rv:43.0 / rv:38.5 MFSA 2015-135 Crash with JavaScript variable assignment with unboxed objects MFSA 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation MFSA 2015-137 Firefox allows...

10CVSS7.8AI score0.06058EPSS
Exploits1References38
FreeBSD
FreeBSD
added 2015/12/15 12:0 a.m.40 views

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2015-134 Miscellaneous memory safety hazards rv:43.0 / rv:38.5 MFSA 2015-135 Crash with JavaScript variable assignment with unboxed objects MFSA 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation MFSA 2015-137 Firefox allows...

10CVSS9.1AI score0.06058EPSS
Exploits1References16
Mozilla
Mozilla
added 2015/12/15 12:0 a.m.53 views

Use-after-free in WebRTC when datachannel is used after being destroyed — Mozilla

Security researcher Looben Yang reported a use-after-free error in WebRTC that occurs due to timing issues in WebRTC when closing channels. WebRTC may still believe is has a datachannel open after another WebRTC function has closed it. This results in attempts to use the now destroyed datachannel...

7.5CVSS6.7AI score0.04309EPSS
Exploits0References2Affected Software3
Rows per page
Query Builder