2242 matches found
Information Disclosure
firefox-esr is vulnerable to Information Disclosure. The vulnerability occurs due to push notification data stored in private browser mode not being encrypted resulting in a potential leakage of sensitive information...
SUSE CVE-2023-4580
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...
CVE-2023-4580
The Mozilla Foundation Security Advisory describes this flaw as: Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information...
USN-6320-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-4573, CVE-2023-4574,...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox that originates from unencrypted push notifications stored on disk in private browsing mode, which could lead to the disclosure of sensitive informati...
CVE-2023-4580
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...
Mozilla Firefox Security Advisories (MFSA2023-32, MFSA2023-36) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
UBUNTU-CVE-2023-4580
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...
Mozilla Firefox ESR < 115.2
The version of Firefox ESR installed on the remote Windows host is prior to 115.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-36 advisory. - Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed...
Mozilla Firefox < 117.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 117.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-34 advisory. - Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs show...
WordPress Push Notification for Post and BuddyPress Plugin < 1.64 is vulnerable to Broken Access Control
Software Push Notification for Post and BuddyPress Type Plugin Vulnerable versions 1.64 Fixed in 1.64 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID d085fa7b4246 Credits Unknown Required...
Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Vulnerability
Exploit Title: Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Exploit Author: CraCkEr Vendor: Templatecookie Vendor Homepage: https://templatecookie.com/ Software Link: https://templatecookie.com/demo/adlisting-classified-ads-script Version: 2.14.0 Tested on: Windows 10...
Improper Input Validation
trafficserver is vulnerable to Improper Input Validation. The configuration option proxy.config.http.pushmethodenabled doesn't function. However, by default the PUSH method is blocked in the ipallow configuration file...
Adlisting Classified Ads 2.14.0 Information Disclosure
Exploit Title: Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Exploit Author: CraCkEr Date: 25/07/2023 Vendor: Templatecookie Vendor Homepage: https://templatecookie.com/ Software Link: https://templatecookie.com/demo/adlisting-classified-ads-script Tested on: Windows 10...
CVE-2023-20891
The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF...
CVE-2023-20891
The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF...
July 25, 2023—KB5028245 (OS Build 22000.2245) Preview
July 25, 2023—KB5028245 OS Build 22000.2245 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 21H2, see its update history page.Note Follow @WindowsUpdate to fin...
DEBIAN-CVE-2023-3745
A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash, resulting in a...
PT-2023-25972 · Unknown +1 · Imagemagick +1
Name of the Vulnerable Software and Affected Versions: ImageMagick affected versions not specified Description: A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a special...
CVE-2023-32482
Wyse Management Suite versions prior to 4.0 contain an improper authorization vulnerability. An authenticated malicious user with privileged access can push policies to unauthorized tenant group...