635 matches found
UBUNTU-CVE-2022-49102
In the Linux kernel, the following vulnerability has been resolved: habanalabs: fix possible memory leak in MMU DR fini This patch fixes what seems to be copy paste error. We will have a memory leak if the host-resident shadow is NULL which will likely happen as the DR and HR are not dependent...
CVE-2022-49102 habanalabs: fix possible memory leak in MMU DR fini
In the Linux kernel, the following vulnerability has been resolved: habanalabs: fix possible memory leak in MMU DR fini This patch fixes what seems to be copy paste error. We will have a memory leak if the host-resident shadow is NULL which will likely happen as the DR and HR are not dependent...
CVE-2022-49102
In the Linux kernel, the following vulnerability has been resolved: habanalabs: fix possible memory leak in MMU DR fini This patch fixes what seems to be copy paste error. We will have a memory leak if the host-resident shadow is NULL which will likely happen as the DR and HR are not dependent...
Malicious code in eslint-plugin-paste-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef7b4e70800026ad3cf2470622a7395db0d5a043654e45122e8ce535555604dc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-186 Malicious code in eslint-plugin-paste-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef7b4e70800026ad3cf2470622a7395db0d5a043654e45122e8ce535555604dc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2025-4298 · Trix · Trix
Name of the Vulnerable Software and Affected Versions: Trix editor versions prior to 2.1.12 Description: Trix is a what-you-see-is-what-you-get rich text editor for everyday writing. The issue arises when pasting malicious code in the link field, allowing an attacker to trick the user into copyin...
CVE-2024-56562
A vulnerability was found in the i3c_master_put_i3c_addrs function in the Linux kernel's i3c driver. A memory management issue can occur due to a copy-paste error between "dyn_addr" and "init_dyn_addr", which leads to incorrect handling of memory, potentially causing resource mismanagement and instabili...
CVE-2024-53847 Trix vulnerable to Cross-site Scripting on copy & paste
The Trix rich text editor, prior to versions 2.1.9 and 1.3.3, is vulnerable to cross-site scripting (XSS) + mutation XSS attacks when pasting malicious code. An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the user's...
Trix cross-site scripting vulnerability
Trix is a Basecamp open source rich text editor for everyday writing. A cross-site scripting vulnerability exists in Trix versions prior to 2.1.9 and prior to 1.3.3. The vulnerability stems from the susceptibility to cross-site scripting attacks when malicious code is pasted, which may result in...
PT-2024-35949 · Trix · Trix
Name of the Vulnerable Software and Affected Versions: Trix editor versions prior to 2.1.9 and 1.3.3 Description: The issue concerns cross-site scripting (XSS) and mutation XSS attacks when pasting malicious code. An attacker could trick a user into copying and pasting malicious code, leading to th...
PT-2024-27100 · Zulip · Zulip
Name of the Vulnerable Software and Affected Versions: Zulip version 8.3 Description: The issue is related to Cross Site Scripting (XSS) via the construct_copy_div function in copy_and_paste.js. This allows for potential malicious script execution. Recommendations: For Zulip version 8.3, consider...
firefox: thunderbird: Clipboard "paste" button persisted across tabs
The Mozilla Foundation's Security Advisory: A clipboard "paste" button could persist across tabs which allowed a spoofing attack...
Updated nspr, nss, firefox & rust packages fix security vulnerabilities
Permission leak via embed or object elements. (CVE-2024-10458) Use-after-free in layout with accessibility. (CVE-2024-10459) Confusing display of origin for external protocol handler prompt. (CVE-2024-10460) XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response...
RHEL 9 : thunderbird (RHSA-2024:9019)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:9019 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: History interface could have been used ...
Moderate: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...