Oracle Linux 10 : firefox (ELSA-2026-3361)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3361 advisory. 140.8.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Re...

Oracle Linux 10 : firefox (ELSA-2026-2271)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-2271 advisory. 140.7.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Re...

thunderbird security update

140.5.0-2.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.5.0 - Add OpenELA debranding 140.5.0-2 - Update to 140.5.0 ESR...

Oracle Linux 10 : firefox (ELSA-2025-18154)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-18154 advisory. 140.4.0-3.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

Portábilis i-Educar 安全漏洞

Portábilis i-Educar is an application from Portábilis. It can easily help you in basic and technical education. A security vulnerability exists in Portábilis i-Educar version 2.10 and earlier, which stems from a SQL injection attack due to the incorrect operation of the parameter codagenda in the...

thunderbird security update

128.11.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 128.11.0 - Add OpenELA debranding 128.11.0-1 - Update to 128.11.0 128.10.1-1 - Update to 128.10.1...

firefox security update

115.8.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.8.0-1 - Update to 115.8.0 build1...

PT-2024-13323 · Minizinc · Minizinc

Name of the Vulnerable Software and Affected Versions: MiniZinc affected versions not specified Description: The issue is related to a null pointer dereference in MiniZinc, which can be triggered via a crafted Preferences.json file. Recommendations: At the moment, there is no information about a...

PT-2024-14035 · Appwrite · Appwrite Cli

Name of the Vulnerable Software and Affected Versions: Appwrite CLI versions prior to 3.0.0 Description: The issue arises when using the login command in Appwrite CLI, where the credentials of the Appwrite user are stored in a /.appwrite/prefs.json file with 0644 as UNIX permissions. This allows...

CVE-2022-32320

A Cross-Site Request Forgery CSRF in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file...

DEBIAN-CVE-2020-28984

prive/formulaires/configurerpreferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, displaynavigation, displayoutils, imessage, and spipecran parameters...

Bypassing App Lock (Pattern/Passcode/Fingerprint lock | Android) (oC-SA-2020-003)

Given an attacker has physical access, creating a backup of the ownCloud Android app via adb provides access to the app preferences file. Contained in the file were settings related to the app lock feature such as the pincode/pattern and if the respective lock is active. An attacker could change...

RosarioSIS Cross-Site Scripting Vulnerability (CNVD-2020-42950)

RosarioSIS is a student information system for school management. A cross-site scripting vulnerability exists in RosarioSIS 6.7.2. The vulnerability stems from improper validation of user-supplied input in the Preferences.php script. A remote attacker can exploit the vulnerability by using the ta...

firefox security update

60.8.0-1.0.2 - Rebuild to pickup Oracle default bookmarks Orabug: 30069264 60.8.0-1.0.1 Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file...

PT-2018-10651

Name of the Vulnerable Software and Affected Versions The Olive Tree Ftp Server application version 1.32 Description The issue concerns insecure data storage. Specifically, a username and password are stored in the /data/data/com.theolivetree.ftpserver/shared prefs/com.theolivetree.ftpserver...

Design/Logic Flaw

In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to secure the user password locally stored in shared preferences. Because there is a static RC4 key, an attacker can gain access to user credentials more easily by leveraging access to the preferences XML fi...

CVE-2017-15997

In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to secure the user password locally stored in shared preferences. Because there is a static RC4 key, an attacker can gain access to user credentials more easily by leveraging access to the preferences XML fi...

Google Chrome Javascript Execution Vulnerability

Google Chrome is a popular web browser. A javascript execution vulnerability exists in Google Chrome's default search engine. An attacker is able to manipulate the masterpreferences file on the victim's machine...

thunderbird security update

1.5.0.12-44.0.1.el4 - Add thunderbird-oracle-default-prefs.js for errata rebuild and remove thunderbird-redhat-default-prefs.js - Replaced clean.gif in tarball 1.5.0.12-44 - Added fixes from 1.9.2.23...

SAWStudio 3.9i Buffer Overflow Proof Of Concept

SAWStudio 3.9i prf file Buffer overflow Poc By:Encrypt3d.M!nd Greetz:-=Mizo=-,L!0N,El Mariachi,MiNi SpIder,GGY,and all my friends when you import Prefernces File "prf file" contain long characters an overflow will occure,and the registers will be just like this: EAX:41414141 ECX:00000000...