22 matches found
MiracleLinux 7 : firefox-60.7.0-1.0.1.el7.AXS7 (AXSA:2019-3895:02)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3895:02 advisory. Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 CVE-2019-9800 Mozilla: Cross-origin theft of images with createImageBitmap...
Cisco Firepower Management Center Software Object Group Access Control List Bypass (cisco-sa-fmc-object-bypass-fTH8tDjq)
A vulnerability in the Object Groups for Access Control Lists ACLs feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense FTD Software. This...
CVE-2024-20361
A vulnerability in the Object Groups for Access Control Lists ACLs feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense FTD Software. This...
CVE-2024-20361
Cisco CVE-2024-20361 affects Firepower Management Center (FMC) Software, enabling an unauthenticated remote attacker to bypass access controls on managed Firepower Threat Defense (FTD) devices. The root cause is the incorrect deployment of the Object Groups for ACLs feature from FMC to FTD in hig...
Cisco Firepower Management Center Software Object Group Access Control List Bypass Vulnerability
A vulnerability in the Object Groups for Access Control Lists ACLs feature of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to bypass configured access controls on managed devices that are running Cisco Firepower Threat Defense FTD Software. This...
SUSE CVE-2019-9816
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all...
DEBIAN-CVE-2019-9816
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all...
Type confusion
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all...
CVE-2019-9816
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all...
CVE-2019-9816
Summary: CVE-2019-9816 is a type confusion vulnerability involving manipulation of JavaScript objects in object groups, affecting Mozilla products (Thunderbird and Firefox/Firefox ESR) and specifically related to UnboxedObjects, which are disabled by default on all supported releases. The issue i...
Ubuntu 16.04 LTS / 18.04 LTS : Thunderbird vulnerabilities (USN-3997-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3997-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing...
Ubuntu: Security Advisory (USN-3997-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla: Type confusion with object groups and UnboxedObjects
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all...
Mozilla: Type confusion with object groups and UnboxedObjects
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all...
Mozilla: Type confusion with object groups and UnboxedObjects
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all...
FreeBSD : mozilla -- multiple vulnerabilities (44b6dfbf-4ef7-4d52-ad52-2b1b05d81272)
Mozilla Foundation reports : CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS CVE-2019-9816: Type confusion with object groups and UnboxedObjects CVE-2019-9817: Stealing of cross-domain images using canvas CVE-2019-9818: Use-after-free in crash generation server...
UBUNTU-CVE-2019-9816
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all...
mozilla -- multiple vulnerabilities
Mozilla Foundation reports: CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS CVE-2019-9816: Type confusion with object groups and UnboxedObjects CVE-2019-9817: Stealing of cross-domain images using canvas CVE-2019-9818: Use-after-free in crash generation server...
Cisco IOS Software Access Control List Bypass Vulnerability
A vulnerability in Cisco IOS Software access control lists ACLs that use object groups could occasionally allow an unauthenticated, remote attacker to bypass the ACL. The vulnerability is due to a race condition between process switching and Cisco Express Forwarding switching while evaluating ACL...
Cisco IOS Software Object-group Access Control List Bypass Vulnerability - Cisco Systems
A vulnerability exists in Cisco IOS software where an unauthenticated attacker could bypass access control policies when the Object Groups for Access Control Lists ACLs feature is used. Cisco has released free software updates that address this vulnerability. There are no workarounds for this...