CVE-2024-9936

When manipulating the selection node cache, an attacker may have been able to cause unexpected behavior, potentially leading to an exploitable crash. This vulnerability affects Firefox 131.0.3...

Security Vulnerability fixed in Firefox 131.0.3 — Mozilla

When manipulating the selection node cache, an attacker may have been able to cause unexpected behavior, potentially leading to an exploitable crash...

Mozilla Firefox Security Advisory (MFSA2024-53) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2024-53. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

CVE-2024-9792

A vulnerability classified as problematic has been found in D-Link DSL-2750U R5B017. This affects an unknown part of the component Port Forwarding Page. The manipulation of the argument PortMappingDescription leads to cross site scripting. It is possible to initiate the attack remotely...

SUSE CVE-2023-29544

If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

CentOS 6 : thunderbird (RHSA-2020:2966)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2966 advisory. - Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This...

CentOS 6 : chromium-browser (RHSA-2020:2064)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2064 advisory. - Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

CentOS 7 : firefox (RHSA-2022:1284)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:1284 advisory. - NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free a...

CentOS 7 : firefox (RHSA-2022:6711)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6711 advisory. - When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. This...

CentOS 6 : thunderbird (RHSA-2020:5238)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5238 advisory. - Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted...

CentOS 7 : thunderbird (RHSA-2020:2906)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2906 advisory. - Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially...

CentOS 7 : thunderbird (RHSA-2022:9079)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9079 advisory. - If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER...

CentOS 7 : thunderbird (RHSA-2021:5046)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:5046 advisory. - Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported...

Siemens Questa and ModelSim

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SIMATIC S7-1500 and S7-1200 CPUs

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Siemens SINEC Security Monitor

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Amazon Linux 2 : thunderbird (ALAS-2024-2638)

The version of thunderbird installed on the remote host is prior to 115.15.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2638 advisory. An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion,...

CVE-2024-47609 Remotely exploitable DoS in Tonic `<=v0.12.2`

Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a TCP/TLS stream. This can be triggered by causing the accept call to error out with errors that...

CVE-2024-9396

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: It is currently unknown if this issue is exploitable, but a condition may arise where the structured clone of certain objects could lead to memory corruption...

CVE-2024-9396

It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...