3797 matches found
CVE-2024-10454
The vulnerability is a clickjacking issue in Clibo Manager 1.1.9.12, exposed via the /public/login page and caused by a missing X-Frame-Options header. This could allow an attacker to overlay a transparent iframe and hijack user clicks. The PT-security entry confirms the affected version and dire...
Clibo Manager 安全漏洞
Clibo Manager is a management platform from Clibo Manager, Inc. providing sports clubs with the ability to manage subscriptions and ticket sales, as well as direct contact with subscribers, events, sales statistics, and more. A security vulnerability exists in Clibo Manager version 1.9.12, which...
PT-2024-16294 · Unknown · Clibo Manager
Name of the Vulnerable Software and Affected Versions: Clibo Manager version 1.1.9.12 Description: A clickjacking issue occurs in the '/public/login' directory, a login panel, due to the absence of an X-Frame-Options server-side header. An attacker could overlay a transparent iframe to perform...
firefox security update
An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...
RLSA-2024:7699 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: 115.16/128.3 firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service CVE-2024-9399 firefox: thunderbird: Memory safety bugs fixed in Firefox 131 and Thunderbird 131...
Updated firefox packages fix security vulnerabilities
The updated package provides Firefox 128 for all mandatory arches of Mageia x8664, i586 and aarch64, fixing several bugs, including security vulnerabilities, for i586 and aarch64: Fullscreen notification dialog can be obscured by document content. CVE-2024-7518 Out of bounds memory access in...
OESA-2024-2275 firefox security update
Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js...
firefox: thunderbird: Potential directory upload bypass via clickjacking
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...
firefox: thunderbird: Potential directory upload bypass via clickjacking
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...
RHEL 8 : thunderbird (RHSA-2024:8166)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:8166 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. thunderbird: 115.16/128.3 firefox: thunderbird: Specially crafted WebTranspor...
RHEL 8 : thunderbird (RHSA-2024:8169)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:8169 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: 115.16/128.3 firefox: thunderbird: Specially...
firefox: thunderbird: Potential directory upload bypass via clickjacking
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
firefox: thunderbird: Potential directory upload bypass via clickjacking
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...
firefox: thunderbird: Potential directory upload bypass via clickjacking
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
firefox: thunderbird: Potential directory upload bypass via clickjacking
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
firefox: thunderbird: Potential directory upload bypass via clickjacking
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...
AlmaLinux 8 : thunderbird (ALSA-2024:7699)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:7699 advisory. thunderbird: 115.16/128.3 firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service CVE-2024-9399 firefox: thunderbird...