34 matches found
Integer Overflow Vulnerability in Multiple Mozilla Products (CNVD-2026-19981)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in several Mozilla products,...
ClickFix to CrashFix: KongTuke Used Fake Chrome Ad Blocker to Install ModeloRAT
Huntress discovers 'CrashFix,' a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware...
Apple多款产品 安全漏洞
Apple Safari and others are products of Apple Inc. Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems. apple iOS is a set of operating systems developed for mobile devices. apple iPadOS is a set of operating systems for the iPad tablet...
EUVD-2025-18559
Malicious code in bioql PyPI...
Withdrawn Advisory: microlight allows a denial of service
Withdrawn Advisory This advisory has been withdrawn because the proof of concept does not demonstrate a practical security impact. This link is maintained to preserve external references. Original Description A denial of service DoS vulnerability has been identified in the JavaScript library...
PT-2025-25754 · Unknown · Microlight
Name of the Vulnerable Software and Affected Versions: microlight version 0.0.7 Description: A denial of service DoS vulnerability has been identified in the JavaScript library microlight. This library, used for syntax highlighting, does not limit the size of textual content it processes in HTML...
CVE-2025-45526
A denial of service DoS vulnerability has been identified in the JavaScript library microlight version 0.0.7. This library, used for syntax highlighting, does not limit the size of textual content it processes in HTML elements with the microlight class. When excessively large content e.g., 100...
CVE-2025-45526
The CVE-2025-45526 entry concerns microlight v0.0.7, where the reset function in microlight.js can consume excessive memory/CPU when processing extremely large content in elements with the microlight class. This can lead to browser crashes or unresponsiveness, effectively a DoS, with exploitation...
TencentOS Server 2: thunderbird (TSSA-2024:0068)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0068 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
MGASA-2022-0156 Updated firefox/nss/rootcerts packages fix security vulnerability
NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash CVE-2022-1097. After a VR Process is destroyed, a reference to it may have been retained and used, leading to a...
TrickBot Crashes Security Researchers’ Browsers in Latest Upgrade
Trojan titan TrickBot has added a striking anti-debugging feature that detects security analysis and crashes researcher browsers before its malicious code can be analyzed. The new anti-debugging feature was discovered by Security Intelligence analysts with IBM, who reported the emergence of a...
XPCOM - Race Condition
XPCOM Race Condition Vendor: Mozilla Product: XPCOM Version: Website: http://www.mozilla.org/projects/xpcom/ CVE: CVE-2005-2414 OSVDB: 18226 PACKETSTORM: 38837 Description: xpcom, or cross platform component object model is a framework for writing cross-platform, modular software. The xpcom libra...
Opera < 11.52 Multiple Vulnerabilities
Binary data 800854.prm...
Google Chrome < 9.0.597.84 Multiple Vulnerabilities
Binary data 800942.prm...
Google Chrome Multiple Vulnerabilities (Dec 2010) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome < 8.0.552.224 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 8.0.552.224. Such versions are reportedly affected by multiple vulnerabilities : - A bad extension can cause the browser to crash in tab handling. Issue 60761 - A NULL pointer can lead to a browser crash in web worker...
Ubuntu: Security Advisory (USN-997-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft DRM Technology - msnetobj.dll ActiveX Multiple Vulnerabilities
Microsoft DRM Technology - msnetobj.dll ActiveX Multiple Vulnerabilities ============================================================================================ Microsoft DRM technology msnetobj.dll ActiveX Multiple Remote Vulnerabilities...
openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-2261)
This patch updates Mozilla XULRunner 3.0 engine the 1.9.0.19 release. It includes also following security fixes: MFSA 2010-16: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed eviden...
SuSE 10 Security Update : MozillaFirefox, MozillaFirefox-branding-upstream, MozillaFirefox-translations, mozilla-xulrunner191, mozilla-xulrunner191-devel, mozilla-xulrunner191-gnomevfs, mozilla-xulrunner191-translations, python-xpcom191 (ZYPP Patch Number 6970)
Mozilla Firefox was updated to version 3.5.9 fixing lots of bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed...