58903 matches found
Astra Linux – Vulnerability in rabbitMQ-server
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI through the rabbitmqfederationmanagement plugin, its consumer tag was rendered without proper tag sanitization. This potentially allows for...
Astra Linux – Vulnerability in Firefox and Thunderbird
An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...
Astra Linux – Vulnerability in Chromium
Type Confusion in V8 in Google Chrome before version 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Zabbix
The implementation of atob in "Zabbix JS" allows for creating a string with arbitrary content and using it to access internal properties of objects...
Astra Linux – Vulnerability in Chromium
“Type Confusion in V8 in Google Chrome” before version 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
In Google Chrome versions prior to 87.0.4280.88, uninitialized use of V8 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in V8 in Google Chrome prior to version 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption through a crafted script...
Astra Linux – Vulnerability in Chromium
The use of after-free in V8 in Google Chrome before version 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
In V8, the "out of bounds" reading in Google Chrome before version 91.0.4472.77 allowed a remote attacker to potentially exploit stack corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 93.0.4577.82, using V8 in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Firefox
By using XSL Transforms, a malicious webserver could serve a user an XSL document that would continue to execute JavaScript within the bounds of the same-origin policy even after the tab was closed. This vulnerability affects Firefox versions earlier than 97...
Astra Linux – Vulnerability in Firefox
tags that referenced a document from the same origin could have allowed script execution if the attacker’s input was sanitized using the HTML Sanitizer API. This would require the attacker to reference a JavaScript file from the same origin that contained the script to be executed. This...
Astra Linux – Vulnerability in WebKit2GTK
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary JavaScript code execution...
Astra Linux – Vulnerability in Thunderbird
Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution context was limited to this area and did not receive Chrome-level privileges; however, it could be used as a stepping stone for further attacks involving other vulnerabilities. This vulnerability affects...
Astra Linux – Vulnerability in Chromium
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Zabbix
A authenticated user can create a link containing reflected JavaScript code on it for the discovery page and send it to other users. The payload can only be executed with a known CSRF token value of the victim, which is changed periodically and is difficult to predict...
Astra Linux – Vulnerability in python-pymysql
PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input, because keys are not escaped by escapedict...
Astra Linux – Vulnerability in Firefox and Thunderbird
Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...