737 matches found
Reolink Rlc-410W Access Control Error Vulnerability
Reolink Rlc-410W is a Wifi security camera from Reolink China.The Reolink RLC-410W in version v3.0.0.13620121102 is vulnerable to an access control error that stems from the device's factory binary not properly restricting access to resources from unauthorized roles. An attacker could exploit the...
SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:0199-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0199-1 advisory. - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox...
CVE-2022-22740
Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
Oracle Linux 7 : firefox (ELSA-2022-0124)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0124 advisory. 91.5.0-1.0.2 - Enabled aarch64 builds 91.5.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 3014329...
CVE-2022-22740
The Mozilla Foundation Security Advisory describes this flaw as: Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free issue, causing a potentially exploitable crash...
Mozilla: Use-after-free of ChannelEventQueue::mOwner
The Mozilla Foundation Security Advisory describes this flaw as: Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free issue, causing a potentially exploitable crash...
Mozilla: Use-after-free of ChannelEventQueue::mOwner
The Mozilla Foundation Security Advisory describes this flaw as: Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free issue, causing a potentially exploitable crash...
Mozilla: Use-after-free of ChannelEventQueue::mOwner
The Mozilla Foundation Security Advisory describes this flaw as: Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free issue, causing a potentially exploitable crash...
Mozilla: Use-after-free of ChannelEventQueue::mOwner
The Mozilla Foundation Security Advisory describes this flaw as: Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free issue, causing a potentially exploitable crash...
Mozilla: Use-after-free of ChannelEventQueue::mOwner
The Mozilla Foundation Security Advisory describes this flaw as: Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free issue, causing a potentially exploitable crash...
Mozilla: Use-after-free of ChannelEventQueue::mOwner
The Mozilla Foundation Security Advisory describes this flaw as: Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free issue, causing a potentially exploitable crash...
Mozilla: Use-after-free of ChannelEventQueue::mOwner
The Mozilla Foundation Security Advisory describes this flaw as: Certain network request objects were freed too early when releasing a network request handle. This could have led to a use-after-free issue, causing a potentially exploitable crash...
Mozilla Firefox < 96.0
The version of Firefox installed on the remote Windows host is prior to 96.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-01 advisory. - When a worker is shutdown, it was possible to cause script to run late in the lifecycle, at a point after where it shou...
Mozilla Firefox ESR < 91.5
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 91.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-02 advisory. - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyso...
Security Vulnerabilities fixed in Firefox 96 — Mozilla
A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.This bug only affects Firefox for Windows. Other operating systems are unaffected. When navigating from inside an iframe while requesting fullscreen access,...
Mozilla Thunderbird < 91.5
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 91.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-03 advisory. - Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyso...
Security feature bypass
A vulnerability in the identity-based firewall IDFW rule processing feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper...
CVE-2021-34787 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability
A vulnerability in the identity-based firewall IDFW rule processing feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper...
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability
A vulnerability in the identity-based firewall IDFW rule processing feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper...
D-LINK DIR-3040 Information Disclosure Vulnerability (CNVD-2021-94832)
D-LINK DIR-3040 is a router from D-Link Taiwan, China. The WiFi Smart Mesh feature of the D-LINK DIR-3040 1.13B03 is vulnerable to information disclosure. An attacker could exploit the vulnerability with a specially crafted network request to cause command execution...