7 matches found
RHEL 8 : thunderbird (RHSA-2022:6715)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6715 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Security Fixes: Mozilla:...
RHEL 8 : firefox (RHSA-2022:6701)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6701 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
GHSA-V63X-XC9J-HHVQ Sandbox Breakout / Arbitrary Code Execution in safer-eval
All versions of safer-eval are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to restrict access to the main context and is not suited to process arbitrary user input. This may allow attackers to execute arbitrary code in the system. Recommendation The package is...
Cross site scripting
Cross-site scripting XSS vulnerability in the V8ContextNativeHandler::GetModuleSystem function in extensions/renderer/v8contextnativehandler.cc in Google Chrome before 44.0.2403.89 allows remote attackers to inject arbitrary web script or HTML by leveraging the lack of a certain V8 context...
CVE-2015-1286
Cross-site scripting XSS vulnerability in the V8ContextNativeHandler::GetModuleSystem function in extensions/renderer/v8contextnativehandler.cc in Google Chrome before 44.0.2403.89 allows remote attackers to inject arbitrary web script or HTML by leveraging the lack of a certain V8 context...
CVE-2015-1286
Cross-site scripting XSS vulnerability in the V8ContextNativeHandler::GetModuleSystem function in extensions/renderer/v8contextnativehandler.cc in Google Chrome before 44.0.2403.89 allows remote attackers to inject arbitrary web script or HTML by leveraging the lack of a certain V8 context...
Fixed in Apache Tomcat 5.5.22, 5.0.SVN
Important: Directory traversal CVE-2007-0450 The fix for this issue was insufficient. A fix was also required in the JK connector module for httpd. See CVE-2007-1860 for further information. Tomcat permits '', '%2F' and '%5C' as path delimiters. When Tomcat is used behind a proxy including, but...