28 matches found
Astra Linux – Vulnerability in Firefox
Under unusual circumstances, an individual thread may survive the termination of its manager during shutdown. This could lead to a use-after-free condition, resulting in a potentially exploitable crash. This vulnerability affects Firefox versions earlier than 98...
Astra Linux – Vulnerability in Firefox
Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs in Firefox 97. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This...
Astra Linux – Vulnerability in Firefox and Thunderbird
If an attacker could control the contents of an iframe that was sandboxed using allow-popups but not allow-scripts, they could create a link that, when clicked, would cause JavaScript execution, violating the sandboxing rules. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbi...
Astra Linux – Vulnerability in Firefox
Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 98. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to...
MINI-CHMP-8GR3-CR98
Bulletin has no description...
CVE-2026-29077
Frappe (full‑stack web application framework) is affected by CVE-2026-29077 due to a lack of validation when sharing documents, enabling a user to share a document with a permission they themselves do not possess. Affected versions are prior to 15.98.0 and 14.100.0. The issue has been patched in ...
MINI-8VXC-WG98-J2GP
Bulletin has no description...
CVE-2019-25341
iNetTools for iOS 8.20 contains a denial of service vulnerability in the Whois feature that allows attackers to crash the application by manipulating input. Attackers can paste a specially crafted 98-character buffer into the Domain Name field to trigger an application crash...
Malicious code in rita-98 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9508b9a417471b3af8ded6f50a1f7e97c2d9ca74d1b7234a0421a7c1f8b22fed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-60156
Cross-Site Request Forgery CSRF vulnerability in webandprint AR For WordPress ar-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through = 8.36...
CVE-2025-60156
Cross-Site Request Forgery CSRF vulnerability in webandprint AR For WordPress ar-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through = 8.34...
CVE-2025-60156 WordPress AR For WordPress plugin <= 8.34 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in webandprint AR For WordPress ar-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through = 8.34...
WordPress plugin Smart Forms 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2022-49800 tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event()
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in testgensynthcmd and testemptysynthevent testgensynthcmd only free buf in fail path, hence buf will leak when there is no failure. Add kfreebuf to prevent the memleak. The same reason and solution in...
CVE-2025-23176
CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'...
SUSE CVE-2021-38493
Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR 78.14,...
SUSE CVE-2022-0843
Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerabilit...
SUSE CVE-2022-26382
While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox 98...
SUSE CVE-2022-28288
Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...
CVE-2022-26382
While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox 98...