3301 matches found
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
RHEL 9 : thunderbird (RHSA-2024:2904)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2904 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. Security Fixes: firefox...
CVE-2024-31974
The com.solarized.firedown aka Solarized FireDown Browser & Downloader application 1.0.76 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. com.solarized.firedown.IntentActivity uses a WebView component to display web content and doesn't adequately...
GitLab 13.9 < 14.0.9 / 14.1 < 14.1.4 / 14.2 < 14.2.2 (CVE-2021-22261)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A stored Cross-Site Scripting vulnerability in the Jira integration in all GitLab versions starting from 13.9 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting fr...
Debian dsa-5693 : thunderbird - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5693 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5693-1 [email protected] https://www.debian.org/securit...
Mozilla Firefox Security Update (MFSA2024-21) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
Mozilla: Arbitrary JavaScript execution in PDF.js
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context...
RHEL 8 : firefox (RHSA-2024:2887)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2887 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
CVE-2024-34081
MantisBT Mantis Bug Tracker is an open source issue tracker. Improper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when resolving or closing issues bugchangestatuspage.php belonging to a project linking...
Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2024-135-01)
The version of mozilla-firefox installed on the remote host is prior to 115.11.0esr / 126.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-135-01 advisory. - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript...
GHSA-WGX7-JP56-65MQ Mantis Bug Tracker (MantisBT) vulnerable to cross-site scripting
Improper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when: - resolving or closing issues bugchangestatuspage.php belonging to a project linking said custom field - viewing issues viewallbugpage.php when...