PT-2024-5221 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 121.0.6167.85 Description: The issue is related to insufficient data validation in DevTools, allowing a remote attacker to execute arbitrary code via a crafted HTML page if a user is convinced to engage in...

Mozilla Thunderbird < 115.7

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 115.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-04 advisory. - Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs...

Security Vulnerabilities fixed in Thunderbird 115.7 — Mozilla

An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after...

PT-2024-1385 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 121.0.6167.85 Description: The issue is related to insufficient policy enforcement in DevTools, which can allow an attacker to leak cross-origin data via a crafted Chrome Extension if a user is convinced to...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. An...

Mozilla Firefox < 122.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 122.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-01 advisory. - Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs show...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 17 security fixes: 1484394 High CVE-2024-0812: Inappropriate implementation in Accessibility. Reported by Anonymous on 2023-09-19 1504936 High CVE-2024-0808: Integer underflow in WebUI. Reported by Lyra Rebane rebane2001 on 2023-11-24 1496250 Medium...

CVE-2024-0751

A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

Mozilla Firefox ESR < 115.7

The version of Firefox ESR installed on the remote Windows host is prior to 115.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-02 advisory. - Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed...

SUSE CVE-2022-4955

Inappropriate implementation in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. Chromium security severity: Medium...

Fedora: Security Advisory for gst-devtools (FEDORA-2023-7bd66f219f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: gst-devtools-1.22.7-1.fc38

Development and debugging tools for GStreamer...

Fedora: Security Advisory for gst-devtools (FEDORA-2023-1661e0af22)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 39 : gst-devtools / gstreamer1 / gstreamer1-doc / python-gstreamer1 (2023-1661e0af22)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-1661e0af22 advisory. Fixes for GStreamer-SA-2023-0010 ZDI-CAN-22299 and GStreamer-SA-2023-0009 ZDI-CAN-22226 CVE-2023-44429 Tenable has extracted the preceding description block...

Fedora 39 : chromium (2023-0b39dc9302)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0b39dc9302 advisory. update to 118.0.5993.117. Security release for CVE-2023-5472 ---- Update to 118.0.5993.88 ---- Update to 118.0.5993.70. Include following security...

openSUSE 15 Security Update : opera (openSUSE-SU-2023:0338-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0338-1 advisory. - Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a...

CVE-2023-5718

The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via the standard postMessage API. By creating a malicious web page with an iFrame targeting a sensitive resource i.e. a locally accessible file or sensitive website, and registering a listener on the web...

CVE-2023-5718

The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via the standard postMessage API. By creating a malicious web page with an iFrame targeting a sensitive resource i.e. a locally accessible file or sensitive website, and registering a listener on the web...

Code injection

The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via the standard postMessage API. By creating a malicious web page with an iFrame targeting a sensitive resource i.e. a locally accessible file or sensitive website, and registering a listener on the web...

CVE-2023-5718

The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via the standard postMessage API. By creating a malicious web page with an iFrame targeting a sensitive resource i.e. a locally accessible file or sensitive website, and registering a listener on the web...