8307 matches found
Debian dla-3523 : firefox-esr - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3523 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3523-1 [email protected]...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2023:3228-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3228-1 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to...
SUSE-SU-2023:3237-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.40.5 bsc1213905: - CVE-2023-38133: Fixed information disclosure. - CVE-2023-38572: Fixed Same-Origin-Policy bypass. - CVE-2023-38592: Fixed arbitrary code execution. - CVE-2023-38594: Fixed arbitrary code execution. -...
SUSE-SU-2023:3233-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.40.5 bsc1213905: - CVE-2023-38133: Fixed information disclosure. - CVE-2023-38572: Fixed Same-Origin-Policy bypass. - CVE-2023-38592: Fixed arbitrary code execution. - CVE-2023-38594: Fixed arbitrary code execution. -...
Rocky Linux 8 : firefox (RLSA-2023:4468)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4468 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...
Rocky Linux 8 : thunderbird (RLSA-2023:4497)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4497 advisory. - Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document fil...
Rocky Linux 9 : firefox (RLSA-2023:4462)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4462 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...
Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions
The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...
Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions
The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...
Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions
The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...
Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions
The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...
Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions
The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...
Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions
The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...
Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions
The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...
Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions
The Mozilla Foundation Security Advisory describes this flaw as: Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy...
Debian: Security Advisory (DSA-5468-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Same-Origin Policy Bypass
chromium is vulnerable to Same-Origin Policy Bypass. The vulnerability exists due to the insufficient policy enforcement in Intents of the library, allowing an attacker to bypass same origin policy via a maliciously crafted HTML page...
CVE-2023-0264
A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue...
Debian DSA-5464-1 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5464 advisory. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the...
AlmaLinux 9 : firefox (ALSA-2023:4462)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4462 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...