132 matches found
CVE-2024-8382
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had...
UBUNTU-CVE-2024-8382
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had...
CVE-2024-8382
The CVE-2024-8382 entry describes a vulnerability where privileged EventHandler interfaces were exposed to web content during execution of their listener callbacks. Affected software includes Firefox (less than 130; ESR <128.2 and ESR
CVE-2024-8382
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had...
CVE-2024-8382
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had...
Security Vulnerabilities fixed in Firefox ESR 115.15 — Mozilla
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment. Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried t...
Security Vulnerabilities fixed in Thunderbird 115.15 — Mozilla
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment. Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried t...
Malicious code in rippling-flux-dev-tools (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2963 Malicious code in rippling-flux-dev-tools (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in flux_dev_tools.server.flask (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2384 Malicious code in flux_dev_tools (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2087 Malicious code in @realty-front/dev-tools (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-29651
A prototype pollution flaw was found in the API Dev Tools json-schema-ref-parser. This flaw allows a remote attacker to cause a denial of service, Cross-site scripting, or arbitrary code via the bundle, parse, resolve, and dereference functions. Mitigation Mitigation for this issue is either not...
json-schema-ref-parser Prototype Pollution issue
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
GHSA-5F97-H2C2-826Q json-schema-ref-parser Prototype Pollution issue
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
CVE-2024-29651
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
CVE-2024-29651
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
CVE-2024-29651
A Prototype Pollution issue in API Dev Tools json-schema-ref-parser v.11.0.0 and v.11.1.0 allows a remote attacker to execute arbitrary code via the bundle, parse, resolve, dereference functions...
CVE-2024-29651
CVE-2024-29651 is a Prototype Pollution vulnerability in API Dev Tools json-schema-ref-parser (versions 11.0.0 and 11.1.0). The flaw allows remote code execution or denial of service by manipulating Object.prototype via bundle(), parse(), resolve(), or dereference() functions. Affected IBM stack ...
The vulnerability of the macOS operating system’s Dev Tools component, which allows a hacker to increase their privileges
The vulnerability of the Dev Tools component of the macOS operating system exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to gain increased privileges...