7689 matches found
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several products, including Business Objects, Netweaver and Powerdesigner. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Bypassing...
RLSA-2023:4499 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Security Fixes: Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation CVE-2023-4046 Mozilla:...
CVE-2023-37490
SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. On replacing this executable with a malicious file, an attacker can completely compromise the...
CVE-2023-37490
SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. On replacing this executable with a malicious file, an attacker can completely compromise the...
Design/Logic Flaw
SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the network to overwrite an executable file created in a temporary directory during the installation process. On replacing this executable with a malicious file, an attacker can completely compromise the...
CVE-2023-37490
The CVE-2023-37490 entry concerns SAP Business Objects Installer (versions 420, 430). A network-authenticated attacker can overwrite an executable file created in a temporary directory during installation and replace it with a malicious file, enabling a full compromise of confidentiality, integri...
SAP Business Objects Code Issue Vulnerability
SAP Business Objects is a business intelligence suite from SAP, Germany. A code issue vulnerability exists in SAP BusinessObjects Installer that originates from allowing an authenticated attacker within a network to overwrite an executable file created in a temporary directory during installation...
Mozilla: Fix potential race conditions when releasing platform objects
The Mozilla Foundation Security Advisory describes this flaw as: Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities...
Mozilla: Fix potential race conditions when releasing platform objects
The Mozilla Foundation Security Advisory describes this flaw as: Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities...
Mozilla: Fix potential race conditions when releasing platform objects
The Mozilla Foundation Security Advisory describes this flaw as: Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities...
Mozilla: Fix potential race conditions when releasing platform objects
The Mozilla Foundation Security Advisory describes this flaw as: Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities...
Mozilla: Fix potential race conditions when releasing platform objects
The Mozilla Foundation Security Advisory describes this flaw as: Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities...
Mozilla: Fix potential race conditions when releasing platform objects
The Mozilla Foundation Security Advisory describes this flaw as: Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities...
Mozilla: Fix potential race conditions when releasing platform objects
The Mozilla Foundation Security Advisory describes this flaw as: Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities...
Mozilla: Fix potential race conditions when releasing platform objects
The Mozilla Foundation Security Advisory describes this flaw as: Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities...
RHEL 8 : thunderbird (RHSA-2023:4500)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4500 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Security Fixes: Mozilla...
RHEL 8 : thunderbird (RHSA-2023:4492)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4492 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Security Fixes: Mozilla...
RHEL 8 : thunderbird (RHSA-2023:4496)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4496 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Security Fixes: Mozilla...
Authorization Bypass
firefox is vulnerable to Authorization Bypasses. A flaw was found in the way that documents loaded principal objects. This flaw could have allowed a malicious user to load a document with a higher privilege level than they should have been allowed...
Mozilla: Fix potential race conditions when releasing platform objects
The Mozilla Foundation Security Advisory describes this flaw as: Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities...