CVE-2023-29549

Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

Delight Nashorn Sandbox 注入漏洞

Delight Nashorn Sandbox is a Java Delight open source sandbox for executing JavaScript in Java using Nashorn. A security vulnerability exists in Delight Nashorn Sandbox version 0.2.4, 0.2.5. An attacker exploiting this vulnerability can exit a Java process by calling the exit and quit methods usi...

SUSE CVE-2012-1967

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper...

Jailed 安全漏洞

Jailed is a small JavaScript library for npmjs that is used to run untrusted code in a sandbox. All versions of Jailed have a security vulnerability that can be exploited by attackers to bypass the sandbox...

CVE-2021-34994

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DataProvider...

openSUSE Security Update : seamonkey (openSUSE-2015-250)

SeaMonkey was updated to 2.33 bnc917597 - MFSA 2015-11/CVE-2015-0835/CVE-2015-0836 Miscellaneous memory safety hazards - MFSA 2015-12/CVE-2015-0833 bmo945192 Invoking Mozilla updater will load locally stored DLL files Windows only - MFSA 2015-13/CVE-2015-0832 bmo1065909 Appended period to hostnam...

FreeBSD : mozilla -- multiple vulnerabilities (99029172-8253-407d-9d8b-2cfeab9abf81)

The Mozilla Project reports : MFSA-2015-11 Miscellaneous memory safety hazards rv:36.0 / rv:31.5 MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL files MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS protections MFSA-2015-14 Malicious WebGL content crash when...

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA-2015-11 Miscellaneous memory safety hazards rv:36.0 / rv:31.5 MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL files MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS protections MFSA-2015-14 Malicious WebGL content crash when...

Debian Security Advisory DSA 2528-1 (icedove)

The remote host is missing an update to icedove announced via advisory DSA 2528-1. OpenVAS Vulnerability Test $Id: deb25281.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2528-1 icedove Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian DSA-2528-1 : icedove - several vulnerabilities

Several vulnerabilities were discovered in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. - CVE-2012-1948 Multiple unspecified vulnerabilities in the browser engine were fixed. - CVE-2012-1950 The underlying browser engine allows address bar spoofing through...

Debian Security Advisory DSA 2514-1 (iceweasel)

The remote host is missing an update to iceweasel announced via advisory DSA 2514-1. OpenVAS Vulnerability Test $Id: deb25141.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2514-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Code injection

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper...

CVE-2012-1967

CVE-2012-1967 affects Mozilla Firefox 4.x–13.0, Firefox ESR 10.x prior to 10.0.6, Thunderbird 5.0–13.0, Thunderbird ESR 10.x prior to 10.0.6, and SeaMonkey prior to 2.11. Root cause: JavaScript sandbox may run javascript: URLs with insufficient context, allowing remote code execution with user pr...

Debian DSA-2514-1 : iceweasel - several vulnerabilities

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. - CVE-2012-1948 Benoit Jacob, Jesse Ruderman, Christian Holler, and Bill McCloskey identified...

CVE-2012-1967

Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 do not properly implement the JavaScript sandbox utility, which allows remote attackers to execute arbitrary JavaScript code with improper...

Google Chrome Multiple Vulnerabilities (Jul 2009)

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...