7683 matches found
CVE-2023-37201
An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13...
CVE-2023-37201
CVE-2023-37201 is a WebRTC-related use-after-free in Firefox/Thunderbird: an attacker could trigger memory corruption during HTTPS WebRTC setup. Affected: Firefox <115, Firefox ESR <102.13, Thunderbird
CVE-2023-37201
The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2286)
The remote host is missing an update for the Huawei EulerOS...
Mozilla Firefox ESR < 102.13
The version of Firefox ESR installed on the remote Windows host is prior to 102.13. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-23 advisory. - Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed...
Mozilla Firefox < 115.0
The version of Firefox installed on the remote Windows host is prior to 115.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-22 advisory. - Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that...
NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the update functionality, which operates...
Exploit for OS Command Injection in Easynas
CVE-2023-0830: EasyNAS 1.1.0 Authenticated OS Command Injectio...
CBL Mariner 2.0 Security Update: python-requests (CVE-2023-32681)
The version of python-requests installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-32681 advisory. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization...
Security Bulletin: Multiple security vulnerabilities have been identified in Open SSL, which is shipped with IBM Tivoli Network Manager IP Edition.
Summary Open SSL is shipped with IBM Tivoli Network Manager IP Edition version 3.9. Information about security vulnerabilities affecting Open SSL has been published here. Vulnerability Details CVEID: CVE-2017-3735 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information,...
Gato - GitHub Self-Hosted Runner Enumeration And Attack Tool
Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access token within a GitHub organization. The tool also allows searching for and thoroughly enumerating publ...
bsoptik.cz Cross Site Scripting vulnerability OBB-3461198
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
F5 Networks BIG-IP : BIG-IP APM OAuth vulnerability (K20717585)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3. It is, therefore, affected by a vulnerability as referenced in the K20717585 advisory. - On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the...
kohlefiltermax.de Cross Site Scripting vulnerability OBB-3452386
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
MAL-2023-826 Malicious code in sync-https-api (npm)
Source: checkmarx 216dcfab006171670a40ded9fe39fcad616a3998fd0c9544be5281a40e766a60 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...
[SECURITY] [DLA 3456-1] requests security update
Debian LTS Advisory DLA-3456-1, https://www.debian.org/lts/security/, Markus Koschany, June 18, 2023, https://wiki.debian.org/LTS. Package: requests. Version: 2.21.0-1+deb10u1. CVE ID: CVE-2023-32681. Debian Bug: 1036693. Requests, a Python HTTP library, has been leaking...