57 matches found
Apple多款产品 安全漏洞
Apple iOS and other products are owned by Apple Inc. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have security...
Naver Whale Browser 安全漏洞
Naver Whale Browser is a web browser from Naver, a South Korean company that supports user-defined interfaces. A security vulnerability exists in Naver Whale Browser versions prior to 4.33.325.17, which stems from a specific scheme that can bypass content security policies...
EUVD-2024-27559
Malicious code in bioql PyPI...
HAXcms with nodejs backend 跨站脚本漏洞
HAXcms with nodejs backend is an open source backend management system from HAX The Web. A cross-site scripting vulnerability exists in HAXcms with nodejs backend version 11.0.7 and earlier, which stems from disabling content security policies and could lead to cross-site scripting attacks...
Google Chrome Security Bypass Vulnerability (CNVD-2025-15175)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that stems from insufficient policy enforcement in the Loader component, which can be exploited by an attacker to bypass content security policies...
Discourse 跨站脚本漏洞
Discourse is an open source community discussion platform from Discourse Open Source. The platform includes features such as communities, email and chat rooms. A cross-site scripting vulnerability exists in versions prior to Discourse 3.5.0.beta6, which stems from a cross-site scripting attack th...
Unspecified Vulnerability in Google Chrome (CNVD-2024-44538)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in versions prior to Google Chrome 130.0.6723.58, which can be exploited by remote attackers to bypass content security policies via a crafted HTML page...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in versions prior to Google Chrome 130.0.6723.58, which can be exploited by remote attackers to bypass content security policies via a crafted HTML page...
Cross-site Scripting (XSS)
SimpleSAMLphp is vulnerable to Cross-site Scripting XSS. The vulnerability is due to unvalidated metadata endpoints, allowing malicious parties to substitute URLs with JavaScript code, leading to execution of the code in the user's browser if strict Content Security Policies are not enforced...
RATELIMITED: Subdomain takeover in GitLab Pages [george.ratelimited.me]
A subdomain takeover vulnerability was discovered in GitLab Pages. Subdomains could be taken over without verification of domain ownership. The vulnerability allowed an attacker to gain control of the subdomain...
Amazon Linux 2 : thunderbird (ALAS-2024-2505)
The version of thunderbird installed on the remote host is prior to 115.9.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2505 advisory. AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced...
Oracle Linux 8 : thunderbird (ELSA-2024-1494)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-1494 advisory. 115.9.0-1.0.1 - Add Oracle prefs 115.9.0-1 - Update to 115.9.0 build1 - Fix expat CVE-2023-52425 Tenable has extracted the preceding description block...
Rocky Linux 8 : thunderbird (RLSA-2024:1494)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1494 advisory. - NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the...
Fedora 38 : thunderbird (2024-5d080305ab)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5d080305ab advisory. Update to 115.9.0 https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/ https://www.thunderbird.net/en-US/thunderbird/115.9.0/releasenotes/...
Oracle Linux 7 : thunderbird (ELSA-2024-1498)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-1498 advisory. 115.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.9.0-1 - Update to...
Debian dla-3775 : firefox-esr - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3775 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3775-1 [email protected]...
CentOS 7 : firefox (RHSA-2024:1486)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1486 advisory. - NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the...
CentOS 7 : thunderbird (RHSA-2024:1498)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1498 advisory. - NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the...
RHEL 8 : firefox (RHSA-2024:1491)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1491 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 9 : firefox (RHSA-2024:1485)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1485 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...