CVE-2021-43827

The CVE-2021-43827 issue concerns the discourse-footnote library used with Discourse. Affected behavior occurs when an inline footnote is wrapped in tags, producing a nested element in rendered HTML. Nokogiri strips the nested tag, leading to a JavaScript error on topic pages when code searches...

CVE-2021-43827 Inline footnotes wrapped in <a> tags can cause errors in discourse-footnotes

discourse-footnote is a library providing footnotes for posts in Discourse. Impact When posting an inline footnote wrapped in tags e.g. ^footnote, the resulting rendered HTML would include a nested , which is stripped by Nokogiri because it is not valid. This then caused a javascript error on top...

Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer

A new security weakness has been disclosed in the WinRAR trialware file archiver utility for Windows that could be abused by a remote attacker to execute arbitrary code on targeted systems, underscoring how vulnerabilities in such software could beсome a gateway for a roster of attacks. Tracked a...

CVE-2020-15652

By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox 79, Firefox ESR 68.11, Firefox ESR 78.1, Thunderbird 68.11, and Thunderbi...

Mozilla Firefox Information Disclosure Vulnerability (CNVD-2020-44563)

Mozilla Firefox and others are products of the Mozilla Foundation in the U.S.A. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of e-mail client software separate from the Mozilla Application...

CVE-2020-15652

By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox 79, Firefox ESR 68.11, Firefox ESR 78.1, Thunderbird 68.11, and Thunderbi...

Mozilla Firefox Security Advisories (MFSA2018-24, MFSA2018-24) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

UBUNTU-CVE-2016-5297

An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird 45.5, Firefox ESR 45.5, and Firefox 50...

File Traversal Protection Bypass on Error Reporting

PMASA-2016-15 Announcement-ID: PMASA-2016-15 Date: 2016-05-25 Updated: 2016-05-26 Summary File Traversal Protection Bypass on Error Reporting Description A specially crafted payload could result in the error reporting component exposing whether an arbitrary file exists on the file system and the...

Mozilla SeaMonkey 2.x < 2.9.0 Multiple Vulnerabilities

Binary data 801320.prm...

Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox vulnerabilities (USN-1430-1)

Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cau...

CVE-2001-0824

Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into 1 a request for a .JSP file, or 2 a request to the webapp/examples/ directory, which inserts the Javascript into an error page...