16 matches found
MiracleLinux 9 : webkit2gtk3-2.46.1-2.el9_4 (AXSA:2024-8945:04)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8945:04 advisory. webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution (CVE-2024-40776) webkitgtk: webkit2gtk: Processing maliciously crafted web...
EUVD-2024-40936
Malicious code in bioql PyPI...
@nestjs/devtools-integration: CSRF to Sandbox Escape Allows for RCE against JS Developers
Summary: A critical Remote Code Execution (RCE) vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API endpoint that uses an unsafe JavaScript sandbox (safe-eval-like implementation). Due to improper...
RLSA-2025:7387 Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44192) webkitgtk: A malicious website may exfiltrate data cross-origin (CVE-2024-54467)...
RHEL 8 : firefox (RHSA-2025:9075)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:9075 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
CVE-2020-26954
When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on...
CVE-2025-31491
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to 0.6.1, AutoGPT allows leakage of cross-domain cookies and protected headers in requests redirect. AutoGPT uses a wrapper around the requests...
SUSE-SU-2022:4247-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 102.5.0 ESR MFSA 2022-48, bsc1205270: - CVE-2022-45403: Service Workers might have learned size of cross-origin media files - CVE-2022-45404: Fullscreen notification bypass - CVE-2022-45405:...
SUSE-SU-2022:4085-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: - Fixed various security issues MFSA 2022-49, bsc1205270: CVE-2022-45403 bmo1762078 Service Workers might have learned size of cross-origin media files CVE-2022-45404 bmo1790815 Fullscreen notification bypass CVE-2022-45405 bmo1791314...
SUSE-SU-2022:3273-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 bsc1202645 CVE-2022-38472 bmo1769155 Address bar spoofing via XSLT error handling CVE-2022-38473 bmo1771685...
MGASA-2022-0221 Updated thunderbird packages fix security vulnerability
When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces. This could have been used by an attacker to send an email message with the attacker's digital signature, that was shown...
OPENSUSE-SU-2021:2598-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory...
SUSE-SU-2021:2598-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory...
SUSE-SU-2020:14548-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.5.0 ESR bsc1178824 CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code CVE-2020-16012: Variable time processing of cross-origin images during...
SUSE-SU-2017:3213-1 Security update for MozillaFirefox
This update for MozillaFirefox ESR 52.5 fixes the following issues: Security issues fixed: - CVE-2017-7826: Memory safety bugs fixed bsc1068101. - CVE-2017-7828: Use-after-free of PresShell while restyling layout bsc1068101. - CVE-2017-7830: Cross-origin URL information leak through Resource...
Firefox 3.5.x < 3.5.12 Multiple Vulnerabilities
Binary data 800739.prm...