CVE-2023-4046

In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

CVE-2023-4050

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

Mozilla Firefox < 116.0

The version of Firefox installed on the remote Windows host is prior to 116.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-29 advisory. - Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that...

Security Vulnerabilities fixed in Firefox 116 — Mozilla

Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect...

Security Vulnerabilities fixed in Firefox ESR 102.14 — Mozilla

Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect...

Mozilla Firefox ESR < 102.14

The version of Firefox ESR installed on the remote Windows host is prior to 102.14. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-30 advisory. - Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and...

Mozilla Firefox ESR < 102.14

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 102.14. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-30 advisory. - Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, an...

Incorrect Signature Validation in LensHub Contract

Lines of code Vulnerability details Description The LensHub contract contains two functions, "setFollowModuleWithSig" and "setProfileImageURIWithSig," that allow users to set a follow module and profile image URI, respectively, for a profile using EIP712 signatures for verification. However, the...

Mitsubishi Electric CNC Series (Update E)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : CNC Series devices Vulnerability : Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious remote attacker to...

Use after free in PaddlePaddle

Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition...

GHSA-8WFH-QXXV-3Q8C Use after free in PaddlePaddle

Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition...

CVE-2023-38669

Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition...

Design/Logic Flaw

Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition...

CVE-2023-38669

Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition...

CVE-2023-38669

CVE-2023-38669 affects PaddlePaddle before 2.5.0, with a use-after-free in paddle.diagonal. The vulnerability (reported as potentially exploitable) is described across multiple sources; primary impact is high, and CVSS v3.1 scores indicate CRITICAL/ HIGH where applicable. Public details provided:...

CVE-2023-38669

Use after free in paddle.diagonal in PaddlePaddle before 2.5.0. This resulted in a potentially exploitable condition...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2023:2959-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2959-1 advisory. - During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This...

SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2023:2960-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2960-1 advisory. - During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This...

PT-2023-26577 · Campcodes · Campcodes Beauty Salon Management System

Name of the Vulnerable Software and Affected Versions: Campcodes Beauty Salon Management System version 1.0 Description: A critical issue has been found in the system, affecting the processing of the file /admin/index.php. The manipulation of the username argument leads to sql injection. The atta...

AXIS A1001

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION : Exploitable from adjacent network Vendor : Axis Communications Equipment : AXIS A1001 Vulnerability : Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3...