29 matches found
CVE-2025-36373
IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower Gateway could disclose sensitive system information from other domains to an administrative user...
USN-7191-1 firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2025-0237, CVE-2025-0239,...
USN-6074-3 firefox regressions
USN-6074-1 fixed vulnerabilities and USN-6074-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were...
USN-5816-1 firefox vulnerabilities
Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. CVE-2023-23597 Tom...
USN-5709-2 firefox vulnerabilities
USN-5709-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...
Security Bulletin: IBM QRadar SIEM is vulnerable to Cross domain information disclosure (CVE-2020-4883)
Summary IBM QRadar SIEM is vulnerable to Cross domain information disclosure Vulnerability Details CVEID: CVE-2020-4883 DESCRIPTION: IBM QRadar SIEM could disclose sensitive information about other domains which could be used in further attacks against the system. CVSS Base score: 4.3 CVSS Tempor...
Mozilla Firefox Information Disclosure Vulnerability (CNVD-2021-15498)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. An information disclosure vulnerability exists in Mozilla Firefox. The vulnerability stems from the fact that if a user clicks on a specially crafted PDF, it may obfuscate the leak of cross-domain...
Mozilla Thunderbird < 45.6 Multiple Vulnerabilities (macOS)
The version of Mozilla Thunderbird installed on the remote macOS or Mac OS X host is prior to 45.6. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exists, such as when handling document state changes or HTML5 content, or else due to dereferencing...
Mozilla Firefox < 50.1 Multiple Vulnerabilities (macOS)
The version of Mozilla Firefox installed on the remote macOS or Mac OS X host is prior to 50.1. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exists when handling style contexts, regular expressions, and clamped gradients that allow an...
Mozilla Firefox ESR 45.x < 45.6 Multiple Vulnerabilities
The version of Mozilla Firefox ESR installed on the remote Windows host is 45.x prior to 45.6. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exist, such as when handling document state changes or HTML5 content, or else due to dereferencing alrea...
RHEL 5 : flash-plugin (RHSA-2012:1203)
The remote Redhat Enterprise Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2012:1203 advisory. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes several...
MS KB2755399: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
The remote host is missing KB2755399. It may, therefore, be affected by the following vulnerabilities related to the installed version of the Adobe Flash ActiveX control : - An unspecified remote code execution error exists. CVE-2012-1535 - Multiple memory corruption errors exist that could lead ...
Adobe AIR for Mac 3.x <= 3.3.0.3670 Multiple Vulnerabilities (APSB12-19)
According to its version, the instance of Adobe AIR on the remote Mac OS X host is 3.3.0.3670 or earlier and is, therefore, reportedly affected by multiple vulnerabilities : - Multiple memory corruption vulnerabilities could lead to code execution. CVE-2012-4163, CVE-2012-4164, CVE-2012-4165 - An...
Mozilla Products IPv6 Literal Syntax Cross Domain Information Disclosure Vulnerability (Windows)
The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtsipv6literalsyntaxinfodiscvulnwin.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products IPv6 Literal Syntax Cross Domain Informatio...
Mozilla Products IPv6 Literal Syntax Cross Domain Information Disclosure Vulnerability (MAC OS X)
The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtsipv6literalsyntaxinfodiscvulnmacosx.nasl 6445 2017-06-27 12:31:06Z santu $ Mozilla Products IPv6 Literal Syntax Cross Domain...
Mozilla Firefox 3.6 < 3.6.20 Multiple Vulnerabilities
Binary data 801343.prm...
Microsoft Internet Explorer Event Handlers Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to access local files or content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information that m...
CVE-2010-3348
Microsoft Internet Explorer 6–8 is affected by a Cross‑Domain Information Disclosure vulnerability (CVE-2010-3348) where cached content could be rendered as HTML, allowing access to content from a different domain or zone via script. The issue stems from IE not preventing rendering of cached cont...
CVE-2010-3342
CVE-2010-3342 affects Microsoft Internet Explorer 6–8, where the browser may render cached HTML content that comes from a different domain/zone via script, enabling cross-domain information disclosure. The issue is documented alongside CVE-2010-3348 (another cross-domain disclosure) and is mitiga...
CVE-2009-1140
Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 does not prevent HTML rendering of cached content, which allows remote attackers to bypass the Same Origin Policy via unspecified...