Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash.

The Mozilla Foundation Security Advisory describes this flaw as: During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash.

The Mozilla Foundation Security Advisory describes this flaw as: During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash...

Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash.

The Mozilla Foundation Security Advisory describes this flaw as: During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash...

Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash.

The Mozilla Foundation Security Advisory describes this flaw as: During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash...

ALSA-2023:6194 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.4.1. Security Fixes: Mozilla: Queued up rendering could have allowed websites to clickjack CVE-2023-5721 Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and...

RHEL 8 : thunderbird (RHSA-2023:6197)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6197 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.4.1. Security Fixes: Mozilla:...

SUSE-SU-2023:4214-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Updated to version 115.4.0 ESR bsc1216338: - CVE-2023-5721: Fixed a potential clickjack via queued up rendering. - CVE-2023-5722: Fixed a cross-Origin size and header leakage. - CVE-2023-5723: Fixed unexpected errors when handling inval...

SUSE-SU-2023:4213-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Updated to version 115.4.0 ESR bsc1216338. - CVE-2023-5721: Fixed a potential clickjack via queued up rendering. - CVE-2023-5722: Fixed a cross-Origin size and header leakage. - CVE-2023-5723: Fixed unexpected errors when handling inval...

CVE-2023-5722

Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox 119...

CVE-2023-5730

Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 119, Firefox ESR...

CVE-2023-5727

The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 119,...

Mozilla Firefox Security Advisory (MFSA2023-45) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2023-45. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

CVE-2023-32724 JavaScript engine memory pointers are directly available for Zabbix users for modification

Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation...

CVE-2023-32724 JavaScript engine memory pointers are directly available for Zabbix users for modification

Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation...

USN-6426-1 webkit2gtk vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

Foxit Reader < 9.1 Multiple Vulnerabilities

According to its version, the Foxit Reader application installed on the remote Windows host is prior to 9.1. It is, therefore affected by multiple vulnerabilities: - In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP...

Type Confusion

chromium is vulnerable to Type Confusion. This vulnerability could allow an attacker to execute arbitrary code on a victim's computer by exploiting a flaw in the V8 JavaScript engine. The impact of this vulnerability is high, as it can be exploited by attackers to steal sensitive data, take contr...

CVE-2023-5170

In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...