9 matches found
EUVD-2019-7488
Malware in sbrugna...
EUVD-2022-27899
Malicious code in bioql PyPI...
CVE-2022-34483
An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...
CVE-2023-25741
When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox 110...
KLA20237 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Security...
Code injection
An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...
Debian DSA-5074-1 : thunderbird - security update
The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5074 advisory. - Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs show...
Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5284-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5284-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could...
Mozilla Firefox ESR < 91.6
The version of Firefox ESR installed on the remote Windows host is prior to 91.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-05 advisory. - Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs prese...