90 matches found
EUVD-2021-10874
Malware in sbrugna...
EUVD-2010-1237
Malware in sbrugna...
EUVD-2024-44363
Malicious code in bioql PyPI...
EUVD-2022-27888
Malicious code in bioql PyPI...
CVE-2024-4769
When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird...
CVE-2024-4769
CVE-2024-4769 : In Firefox and Thunderbird, Web Workers handling could reveal cross-origin information by distinguishing between responses with the content-type application/javascript vs non-script types. This could lead to information disclosure across origins. Affected products are Firefox befo...
Rocky Linux 8 : thunderbird (RLSA-2022:0129)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0129 advisory. - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR 91.5, Firefox...
Ubuntu 16.04 LTS : Firefox vulnerabilities (USN-4216-2)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4216-2 advisory. USN-4216-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubuntu 16.04 LTS. Tenable has extracted the preceding...
USN-6143-3 firefox regressions
USN-6143-1 fixed vulnerabilities and USN-6143-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were...
SUSE CVE-2022-22760
When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91...
CVE-2022-22745
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
Design/Logic Flaw
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
CVE-2022-22745
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
CVE-2022-22745
CVE-2022-22745 describes a cross-origin information leak via SecurityPolicyViolation events for frame-ancestors violations. Public documents associate this with Firefox ESR versions earlier than 91.5, Firefox versions earlier than 96, and Thunderbird versions earlier than 91.5. The connected advi...
CVE-2022-22745
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
CVE-2022-22760
When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91...
Mozilla Thunderbird Security Advisory (MFSA2022-22) - Windows
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
SUSE: Security Advisory (SUSE-SU-2022:1920-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2022-0057 Updated firefox packages fix security vulnerability
If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions CVE-2022-22754. If a user was convinced to drag and drop an image to their desktop or other folder,...
MGASA-2022-0061 Updated thunderbird packages fix security vulnerabilities
If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions CVE-2022-22754. If a user was convinced to drag and drop an image to their desktop or other folder,...