Lucene search
K

9 matches found

Mageia
Mageia
added 2020/01/05 3:37 p.m.56 views

Updated mozjs60 packages fix security vulnerability

The updated packages fix security vulnerabilities: A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox...

10CVSS1.6AI score0.55874EPSS
Exploits14References3
Tenable Nessus
Tenable Nessus
added 2019/09/11 12:0 a.m.46 views

NewStart CGSL MAIN 4.06 : firefox Multiple Vulnerabilities (NS-SA-2019-0175)

The remote NewStart CGSL host, running version MAIN 4.06, has firefox packages installed that are affected by multiple vulnerabilities: - Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted...

10CVSS8.2AI score0.55874EPSS
Exploits18References16
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.38 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0160)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages,...

10CVSS8.7AI score0.55874EPSS
Exploits28References7
OSV
OSV
added 2019/07/23 2:15 p.m.3 views

ALPINE-CVE-2019-11708

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...

10CVSS8.7AI score0.55874EPSS
Exploits10References1
OSV
OSV
added 2019/07/23 2:15 p.m.4 views

DEBIAN-CVE-2019-11708

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...

10CVSS8.6AI score0.55874EPSS
Exploits10References1
AlpineLinux
AlpineLinux
added 2019/07/23 1:20 p.m.62 views

CVE-2019-11708

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing...

10CVSS9.5AI score0.55874EPSS
Exploits10
CVE
CVE
added 2019/07/23 1:20 p.m.1353 views

CVE-2019-11708

CVE-2019-11708 is a sandbox-escape vulnerability in Mozilla Firefox ESR and Thunderbird caused by insufficient vetting of parameters in the Prompt:Open IPC message between child and parent processes, allowing a compromised child to cause the non-sandboxed parent to open web content and potentiall...

10CVSS9.2AI score0.55874EPSS
In wildExploits10References6Affected Software2
FreeBSD
FreeBSD
added 2019/06/20 12:0 a.m.52 views

Mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-11708: sandbox escape using Prompt:Open Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When...

10CVSS2.6AI score0.55874EPSS
Exploits10References1
Mozilla
Mozilla
added 2019/06/20 12:0 a.m.67 views

Security vulnerabilities fixed in Thunderbird 60.7.2 — Mozilla

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. Insufficient vetting of parameters passed with the Prompt:Open IPC message between chi...

10CVSS1.4AI score0.55874EPSS
Exploits14References2Affected Software1
Rows per page
Query Builder