CVE-2020-29482

An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which implicitly includes /local/domain/$DOMID for their own domain id. Management tools must access paths in guests' namespaces, necessarily usi...

CVE-2020-26964

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

CVE-2020-26964

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

CVE-2020-26964

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

Design/Logic Flaw

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

UBUNTU-CVE-2020-26964

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

CVE-2020-26964

Summary (CVE-2020-26964) : This vulnerability concerns Firefox for Android prior to Android 6.0 where the Remote Debugging via USB feature could be accessed by untrusted apps via a UNIX domain socket. The SELinux protection for this socket was not enforced on older Android versions, allowing the ...

CVE-2020-26964

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

CVE-2020-26964

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

CVE-2020-25464

The CVE-2020-25464 vulnerability affects Moddable SDK prior to 20200903, specifically in moddable/xs/sources/xsDebug.c. The issue is a heap buffer overflow that occurs when the top stack frame is only partially initialized because the stack overflowed while creating the frame, leading to a crash ...

Privilege Escalation

firefox is vulnerable to privilege escalation. The vulnerability exists through the remote debugging via USB feature where an untrusted app could have connected to the feature with the privileges of the browser to read and interact with web content...

Resourcexpress Qubi3 Information Disclosure Vulnerability

Resourcexpress Qubi3 is a conference room booking device from Resourcexpress UK. A security vulnerability exists in QED ResourceXpress Qubi3 prior to version 1.40.9, which can be exploited by an attacker to obtain sensitive information through the debugging interface...

KLA12010 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, gain privileges, perform cross-site scripting attack, spoof user interface, execute arbitrary code, bypass security restrictions. Bel...

Mozilla Firefox for Android Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Firefox for Android suffers from a security vulnerability that stems from the fact that if remote debugging via USB is enabled in versions of Android prior to 6.0, an untrusted application can connect ...

USN-4171-6: Apport regression

USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as...

Citrix Diagnostics Toolkit - 32bit Edition

Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the download location. Citrix Diagnostic Toolkit x86 – C.D.T Citrix Diagnostic Toolkit x86...

Citrix preSCAN Tool

About This Release This is an early technical preview release v1.0.0.2 of the preSCAN tool. This release has not been tested extensively and is not supported. Please send any feedback using the link in Contact Information section. Where to download ? Certain legacy Citrix tools are now available ...

Mail.ru: Disk-o Cloud application (Windows) does not validate server certificate on a TLS connection

A debugging/staging functionality disabling TLS certificate check was accidentally enabled in production code for Disk-O 20.10.0133, fixed in version 20.11.0006. 21.04 version adds integrity check for update process...

Low: Red Hat Security Advisory: libpcap security, bug fix, and enhancement update

An update for libpcap is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Low: libpcap security, bug fix, and enhancement update

The libpcap packages provide a portable framework for low-level network monitoring. The libpcap library provides network statistics collection, security monitoring, and network debugging. The following packages have been upgraded to a later upstream version: libpcap 1.9.1. BZ1806422 Security Fixe...