CVE-2026-32610 Glances's Default CORS Configuration Allows Cross-Origin Credential Theft

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, the Glances REST API web server ships with a default CORS configuration that sets alloworigins="" combined with allowcredentials=True. When both of these options are enabled together, Starlette's CORSMiddlewa...

PT-2026-25848

Name of the Vulnerable Software and Affected Versions Glances versions prior to 4.5.2 Description Glances, a cross-platform system monitoring tool, has a configuration issue in its REST API web server. The default CORS Cross-Origin Resource Sharing configuration sets allow origins to '' and allow...

Mozilla Thunderbird < 60.4

The version of Thunderbird installed on the remote Windows host is prior to 60.4. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-31 advisory. - A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when ...

EUVD-2019-15408

Malware in sbrugna...

Mozilla Firefox Security Advisory (MFSA2011-50) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2019-0233)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: - When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was foun...

MGASA-2016-0105 Updated firefox packages fix security vulnerabilities

Updated nss and firefox packages fix security vulnerabilities: Security researcher SkyLined reported a use-after-free issue in how audio is handled through the Web Audio API during MediaStream playback through interactions with the Web Audio API. This results in a potentially exploitable crash...

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2011:0957-2)

Mozilla Firefox was updated to version 6. It brings new features, fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-29.html Mozilla Foundation Security Advisory 2011-29 MFSA 2011-29 dbg114-MozillaFirefox-5020...

openSUSE Security Update : seamonkey (openSUSE-SU-2011:0957-1)

Mozilla SeaMonkey suite was updated to version 2.3. The update fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-33.html Mozilla Foundation Security Advisory 2011-33 MFSA 2011-33 Mozilla Foundation Security Advisory 2011-3...

openSUSE Security Update : seamonkey (openSUSE-SU-2011:0957-1)

Mozilla SeaMonkey suite was updated to version 2.3. The update fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-33.html Mozilla Foundation Security Advisory 2011-33 MFSA 2011-33 Mozilla Foundation Security Advisory 2011-3...

Mozilla Foundation Security Advisory 2011-50

Mozilla Foundation Security Advisory 2011-50 Title: Cross-origin data theft using canvas and Windows D2D Impact: High Announced: November 8, 2011 Reporter: Products: Firefox, Thunderbird Fixed in: Firefox 8.0 Thunderbird 8.0 Description Mozilla developer Bas Schouten reported that the introductio...

Cross-origin data theft using canvas and Windows D2D — Mozilla

Mozilla developer Bas Schouten reported that the introduction of the "Azure" graphics back-end on Windows in Firefox 7 re-introduced the cross-origin data theft issue reported by nasalislarvatus3000 as described in MFSA 2011-29...

seamonkey: Update to Mozilla Seamonkey 2.3 (important)

Mozilla Seamonkey suite was updated to version 2.3. The update fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-33.ht ml Mozilla Foundation Security Advisory 2011-33 MFSA 2011-33 Mozilla Foundation Security Advisory 2011-...

Mozilla Firefox 5.0 Multiple Vulnerabilities

Binary data 801346.prm...

Mozilla Thunderbird 5 Multiple Vulnerabilities

Binary data 801266.prm...

Mozilla Thunderbird < 6.0 Multiple Vulnerabilities

Binary data 6010.prm...

Mozilla Thunderbird < 6.0 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 6.0 and thus, is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine that may permit remote code execution. CVE-2011-2985, CVE-2011-2989, CVE-2011-2991, CVE-2011-2992 - A dangling...

Security issues addressed in SeaMonkey 2.3 — Mozilla

Miscellaneous memory safety hazards rv:4.0 Impact: Critical Description: Mozilla identified and fixed several memory safety bugs in the browser engine used in SeaMonkey 2.2 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and w...

Security issues addressed in Thunderbird 6 — Mozilla

Many of the issues listed below are not exploitable through mail since JavaScript is disabled by default in Thunderbird. These particular issues may be triggered while viewing RSS feeds and displaying full remote content rather than the feed summary. Addons that expose browser functionality may...

Security issues addressed in Firefox 6 — Mozilla

Miscellaneous memory safety hazards rv:4.0 Impact: Critical Description: Mozilla identified and fixed several memory safety bugs in the browser engine used in Firefox 4, Firefox 5 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances...