7682 matches found
Mozilla: Fix potential race conditions when releasing platform objects
The Mozilla Foundation Security Advisory describes this flaw as: Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities...
Mozilla: Fix potential race conditions when releasing platform objects
The Mozilla Foundation Security Advisory describes this flaw as: Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities...
Mozilla Firefox ESR Security Advisories (MFSA2023-26, MFSA2023-30) - Mac OS X
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
SUSE-SU-2023:3162-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR bsc1213746: - CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas bmo1833876. - CVE-2023-4046: Fixed incorrect value used during WASM compilation...
PT-2023-20634 · Unknown · Cacheservice
Name of the Vulnerable Software and Affected Versions: Cacheservice affected versions not specified Description: The issue arises from the Cacheservice not correctly checking if relative cache objects point to the defined absolute location when accessing resources. This allows an attacker with...
underscore-keypath Security Vulnerabilities
underscore-keypath is a JavaScript library for handling keypath operations on objects. A keypath operation is the reading, setting, and manipulation of nested properties or property paths on an object specified by a string. underscore-keypath library provides a set of simple and flexible methods...
CVE-2023-24971
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...
Design/Logic Flaw
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...
CVE-2023-24971 IBM B2B Advanced Communication denial of service
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...
CVE-2023-24971 IBM B2B Advanced Communication denial of service
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976...
IBM B2B Advanced Communications 代码问题漏洞
IBM B2B Advanced Communications is a comprehensive business-to-business B2B integration solution from International Business Machines IBM. It is part of the IBM Sterling B2B Integration product family and is designed to simplify and optimize B2B interactions between businesses and partners. A...
Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2023-2466)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2023-19848 · Ibm · Ibm B2B Advanced Communications +1
Name of the Vulnerable Software and Affected Versions: IBM B2B Advanced Communications version 1.0.0.0 IBM Multi-Enterprise Integration Gateway version 1.0.0.1 Description: The issue allows a user to cause a denial of service due to the deserializing of untrusted serialized Java objects...
EulerOS Virtualization 2.9.1 : python-cryptography (EulerOS-SA-2023-2518)
According to the versions of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...
EulerOS Virtualization 2.10.1 : python-cryptography (EulerOS-SA-2023-2466)
According to the versions of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected...
Foxit PDF Reader AcroForm Doc Object Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of D...
PT-2023-4357 · Foxit · Foxit Pdf Reader +1
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Foxit PDF Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the...
Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of D...
Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...