Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Use-after-free when breaking lines in text CVE-2025-0238 firefox: Memory corruption when using JavaScript Text Segmentation CVE-2025-0241 firefox: Alt-Svc ALPN...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVE-2024-42330

The HttpRequest object allows to get the HTTP headers from the server's response after sending the request. The problem is that the returned strings are created directly from the data returned by the server and are not correctly encoded for JavaScript. This allows to create internal strings that...

SUSE-SU-2022:1818-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.9.1 ESR - MFSA 2022-19 bsc1199768: - CVE-2022-1802: Prototype pollution in Top-Level Await implementation - CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading to prototype pollut...

Elastic Stack 7.14.1 Security Update

Kibana code execution issue ESA-2021-21 It was discovered that a user with fleet admin permissions could upload a malicious package. Due to using an older version of the js-yaml library, this package would be loaded in an insecure manner, allowing an attacker to execute commands on the kibana...

Foxit PDF Reader 资源管理错误漏洞

Foxit PDF Reader is a PDF reader. Foxit PDF Reader handles Javascript security vulnerabilities, which can be exploited by attackers to execute arbitrary code...

KLA11325 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A vulnerability in register allocation in JavaScript c...

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2018-12386: Type confusion in JavaScript A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered...

The vulnerability of JavaScript script handlers in Internet Explorer arises from operations that go beyond buffer boundaries in memory, allowing attackers to execute arbitrary code.

The vulnerability of JavaScript script handlers in Internet Explorer arises from the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted web page content...

v8: multiple vulnerabilities fixed in Google Chrome version 33.0.1750.146

Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

Prototype Pollution

Overview Affected versions of this package are vulnerable to Prototype Pollution. The utilities function allow modification of the Object prototype. If an attacker can control part of the structure passed to this function, they could add or modify an existing property. PoC by Olivier Arteau...

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 17, 2017

If you conduct a search on the Web for the number of languages spoken around the world, you’ll see numbers ranging anywhere from 6,000-7,000. I figure I’m doing okay since I can speak English and Spanish, sign the English alphabet, recite the Greek alphabet, and read music. There are roughly over...

SUSE-SU-2016:1342-1 Security update for MozillaFirefox

This update to MozillaFirefox 38.8.0 ESR fixes the following security issues bsc977333: - CVE-2016-2805: Miscellaneous memory safety hazards - MFSA 2016-39 bsc977374 - CVE-2016-2807: Miscellaneous memory safety hazards - MFSA 2016-39 bsc977376 - CVE-2016-2808: Write to invalid HashMap entry throu...

Die Kaufladen Kasse - External URLs, Native code usage, WebView JavaScript enabled vulnerabilities

HackApp vulnerability scanner discovered that application Die Kaufladen Kasse published at the 'play' market has multiple vulnerabilities...

3D Flip Clock Theme Pack 02 - WebView JavaScript enabled, WebView files access vulnerabilities

HackApp vulnerability scanner discovered that application 3D Flip Clock Theme Pack 02 published at the 'play' market has multiple vulnerabilities...

Aurora Notifier - External URLs, Suspicious files, WebView JavaScript enabled vulnerabilities

HackApp vulnerability scanner discovered that application Aurora Notifier published at the 'play' market has multiple vulnerabilities...