firefox: Clickjacking the registerProtocolHandler info-bar Reporter

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A web page could trick a user into setting that site as the default handler for a custom URL protocol...

firefox: Clickjacking the registerProtocolHandler info-bar Reporter

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A web page could trick a user into setting that site as the default handler for a custom URL protocol...

firefox: Clickjacking the registerProtocolHandler info-bar Reporter

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A web page could trick a user into setting that site as the default handler for a custom URL protocol...

firefox: Clickjacking the registerProtocolHandler info-bar Reporter

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A web page could trick a user into setting that site as the default handler for a custom URL protocol...

firefox: Clickjacking the registerProtocolHandler info-bar Reporter

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A web page could trick a user into setting that site as the default handler for a custom URL protocol...

Amazon Linux 2 : thunderbird (ALAS-2025-2789)

The version of thunderbird installed on the remote host is prior to 128.7.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2789 advisory. A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This...

CVE-2025-2116

CVE-2025-2116 affects Beijing Founder Electronics’ Founder Enjoys All-Media Acquisition and Editing System 3.0. The vulnerability exists in the File Protocol Handler’s /newsedit/newsedit/xy/imageProxy.do, where manipulating the xyImgUrl parameter enables server-side request forgery. The issue is ...

CVE-2025-2116 Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do server-side request forgery

A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /newsedit/newsedit/xy/imageProxy.do of the component File Protocol Handle...

CVE-2025-2116 Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do server-side request forgery

A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /newsedit/newsedit/xy/imageProxy.do of the component File Protocol Handle...

Important: thunderbird

Issue Overview: A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132. CVE-2024-10458 An attacker could have caused a...

firefox: Clickjacking the registerProtocolHandler info-bar Reporter

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A web page could trick a user into setting that site as the default handler for a custom URL protocol...

firefox: Clickjacking the registerProtocolHandler info-bar Reporter

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A web page could trick a user into setting that site as the default handler for a custom URL protocol...

UBUNTU-CVE-2025-1935

A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

CVE-2025-1935

CVE-2025-1935 is described in connected advisories as a UI/protocol-handler spoof affecting Firefox and Thunderbird before versions 136 (Firefox) / 128.8 (Firefox ESR) and before 136 (Thunderbird) / 128.8 (Thunderbird). The issue allows a malicious web page to coax a user into setting that site a...

CVE-2025-1935 Clickjacking the registerProtocolHandler info-bar

A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

Amazon Linux 2 : firefox (ALASFIREFOX-2025-035)

The version of firefox installed on the remote host is prior to 128.7.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2025-035 advisory. The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. Thi...

Amazon Linux 2 : thunderbird (ALAS-2025-2765)

The version of thunderbird installed on the remote host is prior to 128.7.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2765 advisory. A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This...

Amazon Linux 2 : firefox (ALASFIREFOX-2025-034)

The version of firefox installed on the remote host is prior to 128.7.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2025-034 advisory. The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe. Thi...

Important: thunderbird

Issue Overview: A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132. CVE-2024-10458 An attacker could have caused a...

PT-2025-1400 · Open5Gs · Open5Gs Mme

Name of the Vulnerable Software and Affected Versions: Open5GS MME versions = 2.6.4 Description: The issue is caused by a buffer overflow in the ASN.1 deserialization function of the S1AP handler, leading to type confusion in decoded fields. This results in invalid parsing and freeing of memory,...