EUVD-2017-6871

Malware in sbrugna...

CVE-2022-42927

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. This vulnerability affects Firefox 106, Firefox ESR 102.4, and Thunderbird 102.4...

Design/Logic Flaw

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. This vulnerability affects Firefox 106, Firefox ESR 102.4, and Thunderbird 102.4...

CVE-2022-42927

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. This vulnerability affects Firefox 106, Firefox ESR 102.4, and Thunderbird 102.4...

Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5709-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5709-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could...

GLSA-202210-34 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-34 Mozilla Firefox: Multiple Vulnerabilities - A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. CVE-2022-42927 - Certain...

CVE-2022-42927

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. This vulnerability affects Firefox 106, Firefox ESR 102.4, and Thunderbird 102.4...

Oracle Linux 8 : thunderbird (ELSA-2022-7190)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-7190 advisory. 102.4.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.4.0-1 - Update to 102.4.0 build1 Tenable has...

Mozilla Thunderbird < 102.4

The version of Thunderbird installed on the remote Windows host is prior to 102.4. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-46 advisory. - Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird...

Debian dla-3156 : firefox-esr - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3156 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3156-1 [email protected]...

CVE-2022-42927

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a same-origin policy violation that could have allowed the theft of cross-origin URL entries, leaking the result of a redirect via performance.getEntries...

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2022-291-02)

The version of mozilla-firefox installed on the remote host is prior to 102.4.0esr / 106.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-291-02 advisory. - A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the...

Mozilla Firefox < 106.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 106.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-44 advisory. - Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs...

OPENSUSE-SU-2022:0199-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - CVE-2021-4140: Fixed Iframe sandbox bypass with XSLT bsc1194547. - CVE-2022-22737: Fixed race condition when playing audio files bsc1194547. - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur bsc1194547. -...

SUSE-SU-2022:14880-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT bsc1194547. - CVE-2022-22737: Fixed race condition when playing audio files bsc1194547. - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur bsc1194547. - CVE-2022-22739:...

SUSE-SU-2022:0137-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT bsc1194547. - CVE-2022-22737: Fixed race condition when playing audio files bsc1194547. - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur bsc1194547. - CVE-2022-22739:...

CentOS 7 : thunderbird (RHSA-2022:0127)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0127 advisory. - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR 91.5, Firefo...

SUSE: Security Advisory (SUSE-SU-2017:3213-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which should not have...

CVE-2021-23986

A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which should not have...