235 matches found
Updated firefox packages fix security vulnerability
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow CVE-2019-9810. Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and...
Mozilla: Ionmonkey type confusion with __proto__ mutations
Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...
Mozilla: Ionmonkey type confusion with __proto__ mutations
Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...
Oracle Linux 6 : firefox (ELSA-2019-0672)
The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-0672 advisory. 60.6.1-1.0.1 - fix LDLIBRARYPATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one 60.6.1-1 - Update to 60.6.1 ESR Build 1...
Scientific Linux Security Update : firefox on SL7.x x86_64 (20190327)
This update upgrades Firefox to version 60.6.1 ESR. Security Fixes : - Mozilla: IonMonkey MArraySlice has incorrect alias information CVE-2019-9810 - Mozilla: Ionmonkey type confusion with proto mutations CVE-2019-9813 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux...
Mozilla: Ionmonkey type confusion with __proto__ mutations
Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...
Mozilla: Ionmonkey type confusion with __proto__ mutations
Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...
UBUNTU-CVE-2019-9813
Incorrect handling of proto mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...
CVE-2019-1000011
API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability...
Improper access control
API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability...
Improper Access Control
API Platform contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized...
OSINT Chrome Extension: ThreatPinch Lookup
OSINT Chrome Extension ThreatPinch was designed to enable information security professionals quick reference checks for commonly looked up indicators without having to leave the comfort of their current webpage. Be it, IPv4 addresses, MD5/SHA2 hashes, these indicators are usually copied and paste...
Legal Robot: Near-duplicate accounts allowed with ignored email mutations
A security researcher discovered that near-duplicate accounts like [email protected], [email protected], and [email protected] were all treated as separate accounts, while some email services, like gmail and google apps, treat these as the same account. This issue could lead to excess ema...
[Mutator v0.2.2.1] Wordlist mutator
This project aims to be a wordlist mutator with hormones, which means that some mutations will be applied to the result of the ones that have been already done, resulting in something like: corporation - C0rp0r4t10n2012 This software is usefull when applied to a few words, like company name and/o...
Google Caja V8 JavaScript VM未明远程代码执行漏洞
Google Caja是一个旨在制订一个JavaScript语言的子集和最佳编程指导方针,约束JavaScript程序员编写的代码,符合一个更加安全,更加合理的JS代码 Google Caja相关冻结V8 Javascript虚拟机上陈列变异array mutations存在一个未明安全漏洞,允许攻击者利用漏洞执行任意代码 0 Google Caja r5550 厂商解决方案 用户可参考如下厂商提供的安全公告获得补丁信息: http://code.google.com/p/google-caja/wiki/SecurityAdvisory201308013...