75 matches found
Design/Logic Flaw
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a...
CVE-2023-51772
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a...
CVE-2023-51772
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a...
BrowserView Allows Popups, which leads to Remote Code Execution
Description The Application has a functionality that allows users to add URLs for custom Webservices. If a user adds a URL containing malicious code, then it can be used to open a new Browser Window, which will lead to Remote Code Execution on the victims computer. Proof of Concept ATTACKER SETUP...
CentOS 7 : thunderbird (RHSA-2022:4891)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4891 advisory. - When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would hav...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Thunderbird vulnerabilities (USN-5512-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5512-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...
Mozilla Firefox ESR Security Advisory (MFSA2022-21) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Mozilla Firefox Security Advisory (MFSA2022-20) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Mozilla Thunderbird Security Advisory (MFSA2022-22) - Windows
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
Oracle Linux 9 : firefox (ELSA-2022-4873)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-4873 advisory. 91.10.0-1.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...
Oracle Linux 9 : thunderbird (ELSA-2022-4892)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-4892 advisory. 91.10.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Reference oracle-indexhtml within Requires...
SUSE: Security Advisory (SUSE-SU-2022:2062-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 9 : thunderbird (RHSA-2022:4892)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4892 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Security Fixes: Mozilla:...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
RHEL 8 : thunderbird (RHSA-2022:4890)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4890 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Security Fixes: Mozilla:...
RHEL 7 : thunderbird (RHSA-2022:4891)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4891 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Security Fixes: Mozilla:...
Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:4870)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:4870-1 advisory. - Mozilla: Cross-Origin resource's length leaked CVE-2022-31736 - Mozilla: Heap buffer overflow in WebGL CVE-2022-31737 - Mozilla: Browser window...
Security fix for the ALT Linux 10 package firefox-esr version 91.10.0-alt1
June 3, 2022 Pavel Vasenkov 91.10.0-alt1 - New ESR version. - Security fixes: + CVE-2022-31736 Cross-Origin resource's length leaked + CVE-2022-31737 Heap buffer overflow in WebGL + CVE-2022-31738 Browser window spoof using fullscreen mode + CVE-2022-31739 Attacker-influenced path traversal when...
RHEL 8 : thunderbird (RHSA-2022:4888)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4888 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Security Fixes: Mozilla:...
RHEL 8 : thunderbird (RHSA-2022:4887)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4887 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.10.0. Security Fixes: Mozilla:...