5 matches found
RockyLinux 10 : thunderbird (RLSA-2026:22325)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22325 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...
Fedora 45 : proftpd (2026-c8173d7dcd)
The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c8173d7dcd advisory. Automatic update for proftpd-1.3.9a-2.fc45. Changelog Mon May 11 2026 Paul Howarth - 1.3.9a-2 - Additional escaping for avoidance of SQL injection...
SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2025:03309-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03309-1 advisory. Update to Mozilla Thunderbird 140.3 bsc1249391. Security issues fixed: - MFSA 2025-78...
jte's HTML templates containing Javascript template strings are subject to XSS
Summary Jte HTML templates with script tags or script attributes that include a Javascript template string backticks are subject to XSS. Details The javaScriptBlock and javaScriptAttribute methods in the Escape class source do not escape backticks, which are used for Javascript template strings...
CVE-2024-9774
A vulnerability was found in python-sql where unary operators do not escape non-Expression...