Astra Linux - уязвимость в firefox, thunderbird

A website could have obscured the fullscreen notification by using a dropdown select input element. This could have caused user confusion and potentially led to spoofing attacks. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8...

Astra Linux - уязвимость в firefox

The z-order of browser windows can be manipulated to hide the fullscreen notifications. This could potentially be used to carry out a spoofing attack. This vulnerability has been fixed in Firefox 135 and Thunderbird 135...

Astra Linux - уязвимость в thunderbird, firefox

By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox 108...

Astra Linux - уязвимость в firefox

Selected options might obscure the full-screen notification dialog box. This could be exploited by a malicious site to carry out a spoofing attack. This vulnerability affects Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1...

MiracleLinux 9 : thunderbird-102.13.0-2.el9.ML.1 (AXSA:2023-6243:21)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6243:21 advisory. Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey...

MiracleLinux 7 : firefox-102.10.0-1.0.1.el7.AXS7 (AXSA:2023-5303:17)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5303:17 advisory. MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp BZ2186102 Mozilla: Fullscreen notification obscured CVE-2023-29533 Mozilla: Potential Memory...

MiracleLinux 8 : firefox-91.4.0-1.el8.ML.1 (AXSA:2022-2971:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2971:02 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...

MiracleLinux 8 : firefox-102.5.0-1.el8.ML.1 (AXSA:2023-4657:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4657:01 advisory. Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen notification bypass CVE-2022-45404...

MiracleLinux 7 : firefox-91.4.0-1.0.1.el7.AXS7 (AXSA:2021-2597:33)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2597:33 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...

MiracleLinux 8 : firefox-115.14.0-2.el8_10.ML.1 (AXSA:2024-8694:28)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8694:28 advisory. Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory...

MiracleLinux 8 : thunderbird-102.13.0-2.el8.ML.1 (AXSA:2023-6238:20)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6238:20 advisory. Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey...

MiracleLinux 9 : thunderbird-102.8.0-2.el9.ML.1 (AXSA:2023-5140:11)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5140:11 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

MiracleLinux 8 : firefox-102.7.0-1.el8.ML.1 (AXSA:2023-4857:04)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4857:04 advisory. Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory...

MiracleLinux 9 : thunderbird-102.5.0-2.el9.ML.1 (AXSA:2023-5045:06)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5045:06 advisory. Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen notification bypass CVE-2022-45404...

CVE-2023-29534

Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected. This vulnerability affects...

PT-2025-47790

This vulnerability allowed a site to enter fullscreen, after a user click, without a full-screen notification toast appearing. Without this notification, users could potentially be misled about what site they were on if a malicious site renders a fake UI like a fake address bar...

EUVD-2018-17859

Malware in sbrugna...

EUVD-2023-33075

Malicious code in bioql PyPI...

EUVD-2022-34224

Malicious code in bioql PyPI...

EUVD-2023-29655

Malicious code in bioql PyPI...