51 matches found
Astra Linux - уязвимость в firefox, thunderbird
It was possible to cause the use of a MessagePort after it had already been freed, which could potentially lead to an exploitable crash. This vulnerability affects Firefox 120, Firefox ESR 115.5.0, and Thunderbird 115.5...
MiracleLinux 8 : firefox-115.5.0-1.el8_9.ML.1 (AXSA:2024-7349:01)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7349:01 advisory. Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer CVE-2023-6204 Mozilla: Use-after-free in MessagePort::Entangled CVE-2023-6205 Mozilla:...
EUVD-2023-58452
Malicious code in bioql PyPI...
ROS-20240927-06
A vulnerability in the VideoBridge component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to errors in security settings. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the protection mechanism of an isolated software...
Amazon Linux 2 : thunderbird (ALAS-2024-2379)
The version of thunderbird installed on the remote host is prior to 115.5.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2379 advisory. On some systems--depending on the graphics settings and drivers--it was possible to force an out-of-bounds read and...
Updated firefox packages fix security vulnerabilities
The updated packages fix security vulnerabilities. Out-of-bound memory access in WebGL2 blitFramebuffer. CVE-2023-6204 Use-after-free in MessagePort::Entangled. CVE-2023-6205 Clickjacking permission prompts using the fullscreen transition. CVE-2023-6206 Use-after-free in...
Mozilla: Use-after-free in MessagePort::Entangled
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash...
Mozilla: Use-after-free in MessagePort::Entangled
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash...
Mozilla: Use-after-free in MessagePort::Entangled
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash...
Mozilla: Use-after-free in MessagePort::Entangled
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash...
Mozilla: Use-after-free in MessagePort::Entangled
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash...
RHEL 9 : firefox (RHSA-2023:7577)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7577 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 8 : firefox (RHSA-2023:7569)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7569 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. This updat...
Mozilla: Use-after-free in MessagePort::Entangled
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash...
Denial Of Service (DOS)
Firefox is vulnerable to Denial Of Service DOS. The vulnerability is caused due to the fact that the MessagePort can be used after it had already been freed. This can be exploited to crash the firefox...
Oracle Linux 7 : thunderbird (ELSA-2023-7505)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7505 advisory. 115.5.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.5.0-1 - Update to...
Mozilla: Use-after-free in MessagePort::Entangled
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash...
Mozilla: Use-after-free in MessagePort::Entangled
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash...
Mozilla: Use-after-free in MessagePort::Entangled
The Mozilla Foundation Security Advisory describes this flaw as: It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash...