72 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-26951
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of...
Mageia: Security Advisory (MGASA-2020-0433)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0427)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3383-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:14548-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0065)
The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This...
NewStart CGSL MAIN 6.02 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0081)
The remote NewStart CGSL host, running version MAIN 6.02, has thunderbird packages installed that are affected by multiple vulnerabilities: - In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This...
CentOS 8 : firefox (CESA-2020:5237)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:5237 advisory. - Mozilla: Variable time processing of cross-origin images during drawImage calls CVE-2020-16012 - Mozilla: Parsing mismatches could confuse and bypass...
openSUSE Security Update : MozillaFirefox (openSUSE-2020-2315)
This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 78.5.0 ESR bsc1178824 - CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code - CVE-2020-16012: Variable time processing of cross-origin images during...
RHEL 8 : firefox (RHSA-2020:5314)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5314 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Amazon Linux 2 : thunderbird (ALAS-2021-1586)
The version of thunderbird installed on the remote host is prior to 78.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1586 advisory. When drawing a transparent image on top of an unknown cross-origin image, the Skia library drawImage function took a...
Security update for MozillaFirefox (important)
openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:2315-1 Rating: important References: 1178824 Cross-References: CVE-2020-15999 CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961...
thunderbird security update
CentOS Errata and Security Advisory CESA-2020:5235 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
firefox security update
CentOS Errata and Security Advisory CESA-2020:5239 An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2020-26951
A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability...
CVE-2020-26951
A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability...
CVE-2020-26951
CVE-2020-26951 involves a parsing and event loading mismatch in Firefox’s SVG code that could allow load events to fire after sanitization, potentially bypassing a built-in sanitizer. Affected products include Firefox < 83, Firefox ESR < 78.5, and Thunderbird
CVE-2020-26951
A parsing and event loading mismatch in Firefox’s SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability...
SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:3548-1)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.5.0 ESR bsc1178824 - CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code - CVE-2020-16012: Variable time processing of cross-origin images during...
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:3383-1)
This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.5.0 ESR bsc1178824 - CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code - CVE-2020-16012: Variable time processing of cross-origin images during...