57574 matches found
Astra Linux - уязвимость в firefox
JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability has been fixed in Firefox 145 and Thunderbird 145...
Astra Linux - уязвимость в jsoup
jsoup is a Java HTML parser designed for HTML editing, cleaning, scraping, and XSS Cross-Site Scripting protection. However, jsoup may incorrectly sanitize HTML containing javascript: URLs, which could allow XSS attacks when a user clicks on those links. If the non-default...
Astra Linux - уязвимость в firefox
tags that referenced a document from the same origin could have allowed script execution if the attacker’s input was sanitized using the HTML Sanitizer API. This would require the attacker to reference a JavaScript file from the same origin that contained the script to be executed. This...
Astra Linux - уязвимость в firefox, thunderbird
Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...
Astra Linux - уязвимость в firefox, thunderbird
JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
Astra Linux - уязвимость в firefox, thunderbird
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...
Astra Linux - уязвимость в firefox
By using 3D CSS in conjunction with JavaScript, content could be rendered outside the webpage’s viewport. This led to a spoofing attack that could be used for phishing or other attacks against users. This vulnerability affects Firefox versions earlier than 88...
Astra Linux - уязвимость в firefox, thunderbird
JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
Astra Linux - уязвимость в chromium
Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в firefox, thunderbird
If an attacker could control the contents of an iframe that was sandboxed using allow-popups but not allow-scripts, they could create a link that, when clicked, would cause JavaScript execution, violating the sandboxing rules. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbi...
Astra Linux - уязвимость в firefox
An attacker was able to perform out-of-bounds read or write operations on a JavaScript object by exploiting a bug related to range-based bounds checks. This vulnerability affects Firefox versions prior to 124.0.1...
Astra Linux - уязвимость в pypy, jython
The documentation XML-RPC server in Python, from versions 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4, has XSS vulnerabilities due to the servertitle field. This issue occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If the setservertitle function ...
Astra Linux - уязвимость в firefox
By using XSL Transforms, a malicious webserver could serve a user an XSL document that would continue to execute JavaScript within the bounds of the same-origin policy even after the tab was closed. This vulnerability affects Firefox versions earlier than 97...
Astra Linux - уязвимость в zabbix
The implementation of atob in "Zabbix JS" allows for creating a string with arbitrary content and using it to access internal properties of objects...
Astra Linux - уязвимость в chromium
Before version 93.0.4577.82, using V8 in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
The use of after-free in V8 in Google Chrome before version 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
In Google Chrome, memory access out of bounds in V8 before version 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в thunderbird
matrix-js-sdk is a client-server SDK for the Matrix messaging protocol, designed for JavaScript. Version 34.11.0 and earlier of matrix-js-sdk was vulnerable to client-side path traversal attacks through crafted MXC URIs. A malicious room member could trigger clients using matrix-js-sdk to send...
Astra Linux - уязвимость в libfastjson
JSON-C version 0.14 has an integer overflow issue, and there is a risk of out-of-bounds write operations through a large JSON file, as demonstrated by the printbufmemappend function...
Astra Linux - уязвимость в chromium
“Type Confusion in V8 in Google Chrome” before version 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption through a crafted HTML page. Chromium security severity: High...