Lucene search
K

252 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.25 views

Rocky Linux 8 : firefox (RLSA-2023:4952)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4952 advisory. - A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing...

8.8CVSS7.7AI score0.00693EPSS
Exploits0References25
RedHat Linux
RedHat Linux
added 2023/10/05 2:59 p.m.6 views

firefox: use-after-free in workers

The Mozilla Foundation Security Advisory describes this flaw as: During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash...

8.8CVSS7.2AI score0.00542EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/10/04 11:32 a.m.12 views

Mozilla: Out-of-bounds write in PathOps

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: A compromised content process could have provided malicious data in a PathRecording, resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process...

6.5CVSS7.1AI score0.01EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/09/28 12:0 a.m.63 views

CVE-2023-5171

During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...

6.5CVSS6.7AI score0.0102EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/09/28 12:0 a.m.26 views

SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2023:3837-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3837-1 advisory. Update to Firefox Extended Support Release 115.3.0 ESR MFSA 2023-42, bsc1215575: Security fixes: - CVE-2023-5168: Out-of-bounds wri...

9.8CVSS7AI score0.01233EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2023/09/27 6:54 a.m.32 views

CVE-2023-5174

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. This bug...

9.8CVSS6.5AI score0.0099EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.52 views

Mozilla Firefox ESR < 115.3

The version of Firefox ESR installed on the remote Windows host is prior to 115.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-42 advisory. - Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed...

9.8CVSS8.2AI score0.01233EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.22 views

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-269-01)

The version of mozilla-firefox installed on the remote host is prior to 115.3.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-269-01 advisory. - A compromised content process could have provided malicious data to FilterNodeD2D1 resulting in an...

9.8CVSS8.2AI score0.01233EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/09/18 12:0 a.m.22 views

Oracle Linux 8 : thunderbird (ELSA-2023-4954)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-4954 advisory. 102.15.0-1.0.1 - Update to 102.15.0 build1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

8.8CVSS7.4AI score0.00693EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2023/09/11 7:59 a.m.13 views

CVE-2023-4573

When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...

6.3AI score0.00545EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/09/06 12:0 a.m.24 views

Debian DSA-5485-1 : firefox-esr - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5485 advisory. - When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially...

8.8CVSS7.8AI score0.00693EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2023/09/06 12:0 a.m.25 views

AlmaLinux 8 : firefox (ALSA-2023:4952)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4952 advisory. - A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing...

8.8CVSS7.7AI score0.00693EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2023/09/06 12:0 a.m.39 views

AlmaLinux 9 : firefox (ALSA-2023:4958)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4958 advisory. - A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing...

8.8CVSS7.7AI score0.00693EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2023/08/09 12:0 a.m.32 views

Debian dla-3523 : firefox-esr - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3523 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3523-1 [email protected]...

9.8CVSS7.8AI score0.13694EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2023/08/04 12:0 a.m.32 views

Debian DSA-5464-1 : firefox-esr - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5464 advisory. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the...

9.8CVSS8AI score0.13694EPSS
Exploits1References20
Vulnrichment
Vulnrichment
added 2023/08/01 2:58 p.m.15 views

CVE-2023-4050

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

6.8AI score0.13694EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/07/26 12:0 a.m.21 views

SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2023:2959-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2959-1 advisory. Firefox Extended Support Release 115.0.2 ESR MFSA 2023-26, bsc1213230 Security fixes: - CVE-2023-3600: Fixed use-after-free in workers...

8.8CVSS7.3AI score0.00542EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/07/26 12:0 a.m.23 views

SUSE SLES15: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2023:2960-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2960-1 advisory. Firefox Extended Support Release 115.0.2 ESR MFSA 2023-26, bsc1213230 Security fixes: - CVE-2023-3600: Fixed use-after-free in workers...

8.8CVSS7.3AI score0.00542EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/07/21 12:0 a.m.17 views

Fedora 37 : firefox (2023-9d8fcaee88)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-9d8fcaee88 advisory. - Updated to latest upstream 115.0.2 - Enabled LTO Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...

8.8CVSS8.2AI score0.00542EPSS
Exploits0References2
Mozilla
Mozilla
added 2023/07/20 12:0 a.m.55 views

Security Vulnerabilities fixed in Thunderbird 115.0.1 — Mozilla

During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in...

8.8CVSS8.5AI score0.00556EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder