Updated firefox packages fix security vulnerability

Updated nss and firefox packages fix security vulnerabilities: NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys CVE-2020-12399. Side channel vulnerabilities during RSA key generation in NSS CVE-2020-12402. When browsing ...

Security Vulnerabilities fixed in Thunderbird 68.10.0 — Mozilla

Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash.Note: this issue only affects Firefox on ARM64 platforms. Manipulating individual parts of a URL object could have caused an...

CVE-2020-6503

Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2011-2863

Insufficient policy enforcement in V8 in Google Chrome prior to 14.0.0.0 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

Design/Logic Flaw

Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

Design/Logic Flaw

Insufficient policy enforcement in V8 in Google Chrome prior to 14.0.0.0 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2011-2863

Insufficient policy enforcement in V8 in Google Chrome prior to 14.0.0.0 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2020-6503

Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2011-2863

Insufficient policy enforcement in V8 in Google Chrome prior to 14.0.0.0 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2011-2863

The CVE describes an information-disclosure vulnerability in Google Chrome’s V8 JavaScript engine, occurring in versions before 14.0.0.0 due to insufficient policy enforcement. A remote attacker could obtain potentially sensitive information from process memory via a crafted HTML page. Affected p...

About the security content of Safari 13.1.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

About the security content of Safari 13.1.1

About the security content of Safari 13.1.1 This document describes the security content of Safari 13.1.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

CVE-2020-6473

Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

Design/Logic Flaw

Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2020-6473

Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

Design/Logic Flaw

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension...

CVE-2020-6473

Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

CVE-2020-6473

CVE-2020-6473 is a Blink/WebKit policy-enforcement error in Google Chrome prior to 83.0.4103.61 that could allow a remote attacker to obtain potentially sensitive information from a process’s memory via a crafted HTML page. Documents from Debian and Arch Linux confirm the vulnerability in Chrome/...

CVE-2020-6472

CVE-2020-6472 affects Chromium-based browsers (e.g., Chrome/Chromium) through the developer tools policy enforcement component. Affected version lineage is before 83.0.4103.61, per multiple advisories. The vulnerability is a policy enforcement error in the developer tools that could allow an atta...

CVE-2020-6472

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension...