2193 matches found
Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer
The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...
Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer
The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...
Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer
The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...
Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer
The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...
Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer
The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...
Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer
The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...
Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer
The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...
Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer
The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...
Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer
The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...
USN-6509-1 firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-6206, CVE-2023-6210,...
DEBIAN-CVE-2023-6207
Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox 120, Firefox ESR 115.5.0, and Thunderbird 115.5...
UBUNTU-CVE-2023-6207
Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox 120, Firefox ESR 115.5.0, and Thunderbird 115.5...
Oracle Linux 8 : tang (ELSA-2023-7022)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-7022 advisory. 7-8 - Set correct user/group tang/tang in tangd-keygen Resolves: rhbz2188743 7-7 - Fix race condition when creating/rotating keys Resolves: rhbz2182410 Resolves...
cloud-init: sensitive data could be exposed in logs
A vulnerability was found in cloud-init. With this flaw, exposure of sensitive data is possible in world-readable cloud-init logs. This flaw allows an attacker to use this information to find hashed passwords and possibly escalate their privilege...
Moderate: Red Hat Security Advisory: fwupd security update
An update for fwupd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
fwupd: world readable password in /etc/fwupd/redfish.conf
A flaw was found in fwupd. When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file...
Moderate: fwupd security update
The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
cloud-init: sensitive data could be exposed in logs
A vulnerability was found in cloud-init. With this flaw, exposure of sensitive data is possible in world-readable cloud-init logs. This flaw allows an attacker to use this information to find hashed passwords and possibly escalate their privilege...
SUSE CVE-2015-1870
The event scripts in Automatic Bug Reporting Tool ABRT uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information from /var/log/messages via unspecified vectors...
Jenkins: Temporary file parameter created with insecure permissions
A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the defau...