Medium: firefox

Issue Overview: In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation. CVE-2026-25210 Affected Packages: firefox Issue Correction: Run dnf update firefox --releasever...

Linux Distros Unpatched Vulnerability : CVE-2022-42932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed...

Linux Distros Unpatched Vulnerability : CVE-2021-38494

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers reported memory safety bugs present in Firefox 91. Some of these bugs showed evidence of memory corruption and we presume that with enough...

RHSA-2024:2887 Red Hat Security Advisory: firefox security update

Bulletin has no description...

Important: firefox

Issue Overview: The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are...

Mozilla: Files with malicious extensions could have been downloaded unsafely on Linux

The Mozilla Foundation Security Advisory describes this flaw as: Firefox did not properly handle downloads of files ending in .desktop, which can be interpreted to run attacker-controlled commands. This bug only affects Firefox for Linux on certain Distributions. Other operating systems are...

CVE-2022-46872

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects Firefox 108, Firefox ESR 102.6, and...

Telesquare TLR-2855KS6 Arbitrary File Creation

Exploit Title: Telesquare TLR-2855KS6 - Arbitrary File Creation Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.telesquare.co.kr/ Version: TLR-2855KS6 Tested on: Linux Firefox CVE : CVE-2021-46418 Proof of Concept PUT /cgi-bin/testingcve.txt HTTP/1.1 Host:...

Security fix for the ALT Linux 10 package firefox-esr version 78.1.0-alt1

July 28, 2020 Andrey Cherepanov 78.1.0-alt1 - New release 78.1.0. - Fixes: + CVE-2020-15652 Potential leak of redirect targets when loading scripts in a worker + CVE-2020-6514 WebRTC data channel leaks internal address to peer + CVE-2020-15655 Extension APIs could be used to bypass Same-Origin...

Security fix for the ALT Linux 10 package firefox-esr version 60.2.2-alt1

Oct. 2, 2018 Andrey Cherepanov 60.2.2-alt1 - New ESR version 60.2.2 - Fixed: + CVE-2018-12386 Type confusion in JavaScript + CVE-2018-12387 JavaScript JIT compiler inlines Array.prototype.push with multiple arguments...

Oracle: Security Advisory (ELSA-2016-0695)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2016-0197)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. VID 6b3b1b97-207c-11e2-a03f-c8600054b392 OpenVAS Vulnerability Test $ Description: Auto generated from VID 6b3b1b97-207c-11e2-a03f-c8600054b392 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. VID d7dbd2db-599c-11e1-a2fb-14dae9ebcf89 OpenVAS Vulnerability Test $ Description: Auto generated from VID d7dbd2db-599c-11e1-a2fb-14dae9ebcf89 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. VID eba9aa94-549c-11e1-b6b7-0011856a6e37 OpenVAS Vulnerability Test $ Description: Auto generated from VID eba9aa94-549c-11e1-b6b7-0011856a6e37 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. VID 834591a9-c82f-11e0-897d-6c626dd55a41 OpenVAS Vulnerability Test $ Description: Auto generated from VID 834591a9-c82f-11e0-897d-6c626dd55a41 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

FreeBSD Ports: nss

The remote host is missing an update to the system as announced in the referenced advisory. VID aa5bc971-d635-11e0-b3cf-080027ef73ec OpenVAS Vulnerability Test $ Description: Auto generated from VID aa5bc971-d635-11e0-b3cf-080027ef73ec Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...