Ubuntu: Security Advisory (USN-3544-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : Firefox regressions (USN-3544-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3544-2 advisory. USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web compatibility regression and a tab crash during printing in some circumstances...

USN-3544-2: Firefox regressions

USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web compatibility regression and a tab crash during printing in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. I...

USN-3544-2 firefox regressions

USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web compatibility regression and a tab crash during printing in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. I...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation, allowing an attacker to cause a service failure.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation, when changing the size of image objects in the developer mode. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Developer Tools component of the Mozilla Firefox ESR browser allows a perpetrator to execute arbitrary code.

The vulnerability of the Developer Tools component in Mozilla Firefox and Firefox ESR browsers is related to the insufficient elimination of special elements in the source code of the pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary code when opening a style edit...

PT-2018-4968 · Apache · Apache Cloudstack

Name of the Vulnerable Software and Affected Versions: Apache CloudStack versions 4.1 through 4.8.1.0 Apache CloudStack version 4.9.0.0 Description: The issue allows a malicious user to reset the API keys for another non-root CloudStack user if the malicious user can determine the ID of that user...

Simple Image Gallery (free) 3.5.0 and previous, XSS

Simple Image Gallery Freed by Joomlaworks, version 3.5.0 and previous, XSS Resolution: update to 3.6.0 Update notice: https://www.joomlaworks.net/blog/item/269-simple-image-gallery-free-v3-6-0-released-featuring-enhanced-print-previews-fixing-xss-vulnerability-related-to-print-page-output Note th...

Mozilla Firefox Information Disclosure Vulnerability (CNVD-2018-02236)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 58, where the Developer Tools panel in an extension is used to load URLs, but the program does not enforce this process in al...

Mozilla Firefox Information Disclosure Vulnerability (CNVD-2018-02266)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the U.S. Developer Tools is one of the development tools. A security vulnerability exists in the Developer Tools component of Mozilla Firefox prior to version 58. The vulnerability can be exploited by an attacker...

Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3544-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3544-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could...

Ubuntu: Security Advisory (USN-3544-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3544-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, spoof the origin in audio capture prompts, trick the user in to providing HTTP...

USN-3544-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, spoof the origin in audio capture prompts, trick the user in to providing HTTP...

Skype, Slack and Other Popular Windows Apps Vulnerable to Critical Framework Bug

UPDATE Hundreds of software applications built using the developer framework called Electron may be vulnerable to a remote code execution flaw, according to developers of the framework. Impacted are dozens of popular Windows applications such as Microsoft’s Skype for Windows and Slack. Earlier th...

Mozilla Firefox Security Advisories (MFSA2018-02, MFSA2018-03) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

FreeBSD : mozilla -- multiple vulnerabilities (a891c5b4-3d7a-4de9-9c71-eef3fd698c77)

Mozilla Foundation reports : CVE-2018-5091: Use-after-free with DTMF timers CVE-2018-5092: Use-after-free in Web Workers CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory...

CVE-2018-5106

Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. This can allow style editor information used within Developer Tools to leak cross-origin. This vulnerability affects Firefox ...

UBUNTU-CVE-2018-5106

Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. This can allow style editor information used within Developer Tools to leak cross-origin. This vulnerability affects Firefox ...

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2018-5091: Use-after-free with DTMF timers CVE-2018-5092: Use-after-free in Web Workers CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory...