15 matches found
WordPress plugin Just Custom Fields security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
DEBIAN-CVE-2023-48184
QuickJS before 7414e5f has a quickjs.h JSFreeValueRT use-after-free because of incorrect garbage collection of async functions with closures...
Rocky Linux 8 : thunderbird (RLSA-2021:5045)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5045 advisory. - Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported...
CVE-2020-36714
The Brizy plugin for WordPress is vulnerable to authorization bypass due to an incorrect capability check on the isadministrator function in versions up to, and including, 1.0.125. This makes it possible for authenticated attackers to access and interact with available AJAX functions...
BugChecker - SoftICE-like Kernel Debugger For Windows 11
Introduction: BugChecker is a SoftICE-like kernel and user debugger for Windows 11 and Windows XP as well: it supports Windows versions from XP to 11, both x86 and x64. BugChecker doesn't require a second machine to be connected to the system being debugged, like in the case of WinDbg and KD. This...
Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library
The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode. The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from Sout...
Mageia: Security Advisory (MGASA-2021-0554)
The remote host is missing an update for the...
Information Disclosure
Firefox and Thunderbird are vulnerable to information disclosure. The vulnerability exists due to an exposure of the target URL when navigating using asynchronous functions...
Mozilla: URL leakage when navigating while executing asynchronous function
The Mozilla Foundation Security Advisory describes this flaw as: Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL...
DEBIAN-CVE-2021-43536
Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
Code injection
Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
CVE-2021-43536
Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
Mozilla: URL leakage when navigating while executing asynchronous function
The Mozilla Foundation Security Advisory describes this flaw as: Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL...
CVE-2021-43536
The Mozilla Foundation Security Advisory describes this flaw as: Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL...
Security Vulnerabilities fixed in Firefox ESR 91.4.0 — Mozilla
Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. By misusing a race in our...