18 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-6153
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform an out of bounds...
SUSE CVE-2019-11710
Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 68...
SUSE CVE-2019-11721
The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox 68...
SUSE CVE-2020-6794
If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Thunderbird 60. The new master...
Mozilla: Use-After-Free when aborting an operation
When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR 68.12 and...
CVE-2020-12389
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. Note: this issue only affects Firefox on Windows operating systems.. This vulnerability affects Firefox ESR 68.8 and Firefox 76...
Mozilla Thunderbird Access Control Error Vulnerability
Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP, POP mail protocols and HTML mail format. An access control error vulnerability exists in Mozilla Thunderbird versions prior to...
UBUNTU-CVE-2019-17012
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird 68.3,...
Mozilla Firefox and Mozilla Firefox ESR Sandbox Escape Vulnerability
Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox versions prior to 69, Mozilla...
cPanel Information Disclosure Vulnerability (CNVD-2019-29005)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An information disclosure vulnerability exists in versions of cPanel prior to 68.0.27. The vulnerability stems from a configurati...
CVE-2017-18404
cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD SEC-341...
CVE-2019-11710
Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 68...
Mozilla Firefox and Firefox ESR Spoofing Vulnerability
Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox ESR versions prior to 60.8 an...
Mozilla Firefox and Firefox ESR Security Bypass Vulnerability (CNVD-2019-22851)
Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox versions prior to 68 and...
Mozilla: Use-after-free with HTTP/2 cached stream
A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...
Mozilla: HTML parsing error can contribute to content XSS
Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...
UBUNTU-CVE-2019-11710
Mozilla developers and community members reported memory safety bugs present in Firefox 67. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 68...
UBUNTU-CVE-2019-11716
Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such as Object.getOwnPropertyNameswindow. Sites that deploy a sandboxing that depends on enumerating and freezing access to the window object may miss this, allowing their sandboxes t...