1803 matches found
firefox security update
140.9.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.9.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.9.1-1 - Update to 140.9.1 ESR...
Oracle Linux 9 : firefox (ELSA-2026-7671)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7671 advisory. 140.9.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...
EUVD-2018-21770
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...
CVE-2018-25258
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...
CVE-2019-25695 R 3.4.4 Local Buffer Overflow Windows XP SP3
R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...
CVE-2018-25258 RGui 3.5.0 Local Buffer Overflow SEH DEP Bypass
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...
CVE-2018-25258
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...
CVE-2018-25258
CVE-2018-25258 affects RGui 3.5.0. The issue is a local buffer overflow in the GUI preferences dialog, enabling DEP bypass via structured exception handling and a stack-based overflow triggered by input in the Language for menus and messages field. This can be exploited to construct a ROP chain f...
CVE-2018-25258 RGui 3.5.0 Local Buffer Overflow SEH DEP Bypass
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...
R 缓冲区错误漏洞
R is a statistical computing software developed by The R Foundation. Version 3.4.4 of R contains a buffer overflow vulnerability, which stems from insufficient input validation for the GUI Preferences language field. This vulnerability could lead to a local buffer overflow and the execution of...
PT-2026-32178
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based...
RGui 代码问题漏洞
RGui is a web interface system for cloud platform management and resource visualization operations by The R Foundation. Version RGui 3.5.0 has a code vulnerability; this vulnerability stems from a local buffer overflow in the GUI preferences dialog box, which may allow arbitrary code to be execut...
Oracle Linux 8 : thunderbird (ELSA-2026-6917)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-6917 advisory. 140.9.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.9.0 - Add OpenELA debranding 140.9.0-1 - Update to 140.9.0 ESR Tenab...
CVE-2026-34765 Electron named window.open targets not scoped to the opener's browsing context
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, when a renderer calls window.open with a target name, Electron did not correctly scope the named-window lookup to the opener's browsing...
CVE-2026-34765 Electron named window.open targets not scoped to the opener's browsing context
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, when a renderer calls window.open with a target name, Electron did not correctly scope the named-window lookup to the opener's browsing...
Exposure of Resource to Wrong Sphere
Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere via the window.open function. An attacker can gain access to or...
Exposure of Resource to Wrong Sphere
Overview electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere via the window.open function. An attacker can gain access to or manipulate the browsin...
WebSP-Eval: Evaluating Web Agents on Website Security and Privacy Tasks
Web agents automate browser tasks, ranging from simple form completion to complex workflows like ordering groceries. While current benchmarks evaluate general-purpose performancee.g., WebArena or safety against malicious actionse.g., SafeArena, no existing framework assesses an agent's ability to...
PT-2026-30918
Name of the Vulnerable Software and Affected Versions Electron versions prior to 39.8.5 Electron versions prior to 40.8.5 Electron versions prior to 41.1.0 Electron versions prior to 42.0.0-alpha.5 Description Electron did not correctly scope the named-window lookup to the opener's browsing conte...
thunderbird security update
140.9.0-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.9.0 - Add OpenELA debranding 140.9.0-1 - Update to 140.9.0 ESR...