CVE-2024-10459

An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...

UBUNTU-CVE-2024-10468

Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox 132 and Thunderbird 132...

CVE-2024-10468

Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox 132 and Thunderbird 132...

CVE-2024-10459

CVE-2024-10459 is a use-after-free vulnerability triggered when accessibility features are enabled, potentially causing a crash. The issue affects Firefox versions earlier than 132, Firefox ESR prior to 128.4 and 115.17, and Thunderbird versions earlier than 132 or 128.4, as noted across multiple...

CVE-2024-10459

An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...

CVE-2024-10459

An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...

CVE-2024-10459

An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...

CVE-2024-10459

An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...

Solar-Log Base 15

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Solar-Log Equipment : Base 15 Vulnerability : Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' 2. RISK EVALUATION Successful...

CVE-2024-47742

CVE-2024-47742 : Linux kernel firmware_loader path traversal vulnerability. Several code paths construct firmware filenames from device or userspace data (e.g., lpfc_sli4_request_firmware_update, nfp_net_fw_find, module_flash_fw_schedule). The issue arises when dynamic firmware names can include ...

Adobe Digital Editions < 4.5.6 Multiple Vulnerabilities (APSB17-27) (macOS)

The version of Adobe Digital Editions installed on the remote macOS host is prior to 4.5.6. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB17-27 advisory. - Adobe Digital Editions 4.5.4 and earlier has an exploitable use after free vulnerability. Successful...

Adobe Reader < 15.006.30279 / 15.023.20053 Multiple Vulnerabilities (APSB17-01) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 15.006.30279 or 15.023.20053. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable...

Adobe Acrobat < 11.0.20 / 2015.006.30306 / 2017.009.20044 Multiple Vulnerabilities (APSB17-11) (macOS)

The version of Adobe Acrobat installed on the remote macOS host is a version prior to 11.0.20, 2015.006.30306, or 2017.009.20044. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an...

CVE-2024-10157

A vulnerability was found in PHPGurukul Boat Booking System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/password-recovery.php of the component Reset Your Password Page. The manipulation of the argument username/mobileno leads to sql injection...

Oracle Essbase Multiple Vulnerabilities (October 2024 CPU)

The version of Oracle Essbase installed on the remote host is missing a security patch from the October 2024 Critical Patch Update CPU. It is, therefore, affected by: - Vulnerability in Oracle Essbase component: Essbase Web Platform curl. The supported version that is affected is 21.6. Easily...

Mitsubishi Electric CNC Series (Update C)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely Vendor : Mitsubishi Electric Equipment : CNC Series Vulnerability : Improper Validation of Specified Quantity in Input 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote...

Oracle MySQL Cluster 8.0.x < 8.0.40 / 8.4.x < 8.4.3 / 9.0.x < 9.0.2 (October 2024 CPU)

The versions of MySQL Cluster installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.5.35 and prior,...

Mozilla Firefox Security Update (MFSA2024-53) - Mac OS X

Mozilla Firefox is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

CVE-2024-21262

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/ODBC. Supported versions that are affected are 9.0.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

CVE-2024-21233

Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to...