MiracleLinux 8 : thunderbird-115.4.1-1.el8.ML.1 (AXSA:2023-6571:31)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6571:31 advisory. Mozilla: Queued up rendering could have allowed websites to clickjack CVE-2023-5721 Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR...

EUVD-2017-14514

Malware in sbrugna...

EUVD-2007-2159

Malware in sbrugna...

EUVD-2016-10105

Malware in sbrugna...

EUVD-2023-33027

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2013-2632

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service application crash or possibly have...

Linux Distros Unpatched Vulnerability : CVE-2019-9795

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability where type-confusion in the IonMonkey just-in-time JIT compiler could potentially be used by malicious JavaScript to trigger a potentially...

Linux Distros Unpatched Vulnerability : CVE-2019-9819

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This...

Linux Distros Unpatched Vulnerability : CVE-2018-18503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations...

CVE-2019-14211

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the lack of proper validation of the existence of an object prior to performing operations on that object when executing JavaScript...

CVE-2019-14212

An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling certain XFA JavaScript due to the use of, or access to, a NULL pointer without proper validation on the object...

CVE-2023-29458 Duktape 2.6 bug crashes JavaScript putting too many values in valstack.

Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. When adding too many values in valstack JavaScript will crash. This issue occurs due to bug in Duktape 2.6 which is an 3rd-party solution that we use...

SUSE CVE-2019-9795

A vulnerability where type-confusion in the IonMonkey just-in-time JIT compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird 60.6, Firefox ESR 60.6, and Firefox 66...

CVE-2022-28282

By using a link with rel="localization" a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird 91.8, Firefox 99, and...

Mozilla: Use-after-free in DocumentL10n::TranslateDocument

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: By using a link with rel="localization," a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to...

Mozilla: Use-after-free in DocumentL10n::TranslateDocument

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: By using a link with rel="localization," a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to...

Mozilla: Use-after-free in DocumentL10n::TranslateDocument

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: By using a link with rel="localization," a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to...

openSUSE Security Update : epiphany (openSUSE-2019-2318)

This update for epiphany fixes the following issues : - CVE-2018-11396: Fixed a JavaScript crash when an invalid URI is opened boo1094464. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2019-2318. The...

OPENSUSE-SU-2019:2318-1 Security update for epiphany

This update for epiphany fixes the following issues: - CVE-2018-11396: Fixed a JavaScript crash when an invalid URI is opened boo1094464...

Security update for epiphany (moderate)

openSUSE Security Update: Security update for epiphany Announcement ID: openSUSE-SU-2019:2318-1 Rating: moderate References: 1094464 Cross-References: CVE-2018-11396 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This...