14 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-4047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects...
Permission Issues
Firefox is vulnerable to Permission Issues. The vulnerability is caused by a bug in the popup notification's interaction with WebAuthn, which can make it easier for an attacker to trick a user into granting permissions...
Rocky Linux 8 : firefox (RLSA-2024:0608)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:0608 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affect...
UBUNTU-CVE-2024-0750
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...
CVE-2024-0750
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...
Privilege Escalation
firefox and thunderbird are vulnerable to Privilege Escalation. An attacker could exploit this vulnerability by creating a malicious website that would show a popup notification asking for permission to access the user's files. If the user clicked on the notification, the permission would be...
Security Vulnerabilities fixed in Thunderbird 115.1 — Mozilla
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect...
DEBIAN-CVE-2023-4047
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...
CVE-2023-4047
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...
UBUNTU-CVE-2023-4047
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...
CVE-2023-32207
A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...
Oracle Linux 8 : thunderbird (ELSA-2023-3221)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3221 advisory. 102.11.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.11.0-1 - Update to 102.11.0 build1 Tenable h...
SUSE-SU-2022:0906-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: Updated to version 91.7 bsc1196900: - CVE-2022-26381: Fixed an invalid memory access due to text reflow when SVG objects were present. - CVE-2022-26383: Fixed an issue where, when resizing a popup after requesting fullscreen access, t...
Bitwarden: Export vault feature is vulnerable to CSV injection
Hello guys, I don't know if you care about this issue, but it seems that the export feature in your https://vault.bitwarden.com//tools is vulnerable to CSV injection. If a CSV contains a malicious command, it may have a big impact. Even though there is a popup notification for users before opening the...