CVE-2018-6145

Removed by vendor...

CVE-2018-6145

Technical details about CVE-2018-6145 are not publicly available in the provided documents; monitor for updates.

CVE-2019-9701

DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting XSS vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls...

flash-plugin: Same origin policy bypass leading to information disclosure

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user...

RHEL 6 : flash-plugin (RHSA-2019:1476)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1476 advisory. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to...

Critical Flaw Reported in Popular Evernote Extension for Chrome Users

Cybersecurity researchers discover a critical flaw in the popular Evernote Chrome extension that could have allowed hackers to hijack your browser and steal sensitive information from any website you accessed. Evernote is a popular service that helps people taking notes and organize their to-do...

Mozilla: Stealing of cross-domain images using canvas

Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

mozilla: Cross-origin theft of images with ImageBitmapRenderingContext

Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. Note: This only affects Firefox 65. Previous versions are unaffected.. This vulnerability affects Firefox 65.0.1...

Mozilla: Cross-origin theft of images with createImageBitmap

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox 66...

Mozilla: Stealing of cross-domain images using canvas

Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

mozilla: Cross-origin theft of images with ImageBitmapRenderingContext

Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. Note: This only affects Firefox 65. Previous versions are unaffected.. This vulnerability affects Firefox 65.0.1...

Mozilla: Stealing of cross-domain images using canvas

Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

Mozilla: Cross-origin theft of images with createImageBitmap

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox 66...

Ubuntu: Security Advisory (USN-3997-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS / 18.04 LTS : Thunderbird vulnerabilities (USN-3997-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3997-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing...

EulerOS 2.0 SP3 : firefox (EulerOS-SA-2019-1571)

According to the versions of the firefox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 CVE-2019-9788 - Mozilla: Use-after-free when removing in-use DOM elements...

USN-3997-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin protections, or execute arbitrary code. CVE-2019-18511,...

Information Disclosure

firefox/thunderbird is vulnerable to information disclosure. Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy...

Information Disclosure

firefox/thunderbird is vulnerable to information disclosure. Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element...

Information Disclosure

firefox/thunderbird is vulnerable to information disclosure. Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method...