CVE-2024-29203 TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframes

TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE’s content insertion code. This allowed iframe elements containing malicious code to execute when inserted into the editor. These iframe elements are restricted in their permissions by...

Ubuntu: Security Advisory (USN-4202-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4122-2: Firefox regression

USN-4122-1 fixed vulnerabilities in Firefox. The update caused a regression that resulted in a crash when changing YouTube playback speed in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered i...

Cross site scripting

Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history throu...

Ubuntu: Security Advisory (USN-3868-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3868-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restrictions, or execute arbitrary code...

USN-3844-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restritions, or execute arbitrary code. CVE-2018-12405, CVE-2018-12406, CVE-2018-1240...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox regressions (USN-3705-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3705-2 advisory. USN-3705-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize...

USN-3705-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, bypass same-origin restrictions, bypass CORS restrictions, bypass CSRF...

USN-3645-2: Firefox regression

USN-3645-1 fixed vulnerabilities in Firefox. The update caused an issue where users experienced long UI pauses in some circumsances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3645-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3645-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacke...

Ubuntu 14.04 LTS / 16.04 LTS : Firefox regression (USN-3596-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3596-2 advisory. USN-3596-1 fixed vulnerabilities in Firefox. The update caused an issue where it was not possible to customize the toolbars when running Firefox in...

Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3596-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3596-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could...

Ubuntu: Security Advisory (USN-3596-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3596-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or opening new tabs, escape the sandbox, bypass same-origin restrictions, obtain...

Ubuntu: Security Advisory (USN-3544-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS : WebKitGTK+ vulnerabilities (USN-3530-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3530-1 advisory. It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be...

Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3516-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3516-1 advisory. It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that...

Ubuntu: Security Advisory (USN-3477-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3516-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...