Mozilla Firefox < 64.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 64.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-29 advisory. - A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images...

Security update for MozillaThunderbird (important)

openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2019:0182-1 Rating: important References: 1122983 Cross-References: CVE-2016-5824 CVE-2018-12405 CVE-2018-17466 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498 CVE-2018-18500 CVE-2018-18501...

[ASA-201902-16] firefox: multiple issues

Arch Linux Security Advisory ASA-201902-16 ========================================== Severity: High Date : 2019-02-13 CVE-ID : CVE-2018-18356 CVE-2018-18511 CVE-2019-5785 Package : firefox Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-896 Summary ======= The packa...

chromium-browser: Insufficient data validation in IndexedDB

Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page...

Security vulnerabilities fixed in Firefox 65.0.1 — Mozilla

A use-after-free vulnerability in the Skia library can occur when creating a path, leading to a potentially exploitable crash. An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash. Cross-origin images can b...

The vulnerability of the _gcry_ecc_ecdsa_sign function in the Libgcrypt cryptographic library allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the gcryeccecdsasign function “cipher/ecc-ecdsa.c” in the cryptographic library Libgcrypt relates to the possibility of determining plausible values for basic parameters of a next digital signature by iterating through cache values and evaluating computational costs. This cou...

Mozilla Firefox ESR < 60.4

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 60.4. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-30 advisory. - A potential vulnerability leading to an integer overflow can occur during buffer size calculations for...

CVE-2018-18334

A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android Consumer versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy SOP and obtain sensitive information via crafted JavaScript code on vulnerable installations...

Design/Logic Flaw

A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android Consumer versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy SOP and obtain sensitive information via crafted JavaScript code on vulnerable installations...

CVE-2018-18334

A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android Consumer versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy SOP and obtain sensitive information via crafted JavaScript code on vulnerable installations...

CVE-2018-18334

A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android Consumer versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy SOP and obtain sensitive information via crafted JavaScript code on vulnerable installations...

The vulnerability of the Archive::Tar module in the Perl programming language allows a hacker to bypass established access controls and compromise the integrity of information.

The vulnerability of the Archive::Tar module in the Perl programming language is related to a flaw in the mechanism for protecting against directory traversal attacks. Exploiting this vulnerability allows an attacker to bypass established access controls and re-record any file through an archive...

CentOS 6 : thunderbird (CESA-2019:0159)

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

CentOS Update for thunderbird CESA-2019:0160 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

thunderbird security update

CentOS Errata and Security Advisory CESA-2019:0159 An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

thunderbird security update

CentOS Errata and Security Advisory CESA-2019:0160 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Google Chrome Insufficient Data Validation Vulnerability

Chrome is a web browsing tool developed by Google. A data validation insufficiency vulnerability exists in IndexedDB in Google Chrome versions prior to 72.0.3626.81. An attacker can exploit this vulnerability to bypass the same source policy via a crafted HTML page...

CVE-2019-5773

Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page...

Mozilla Thunderbird < 60.2.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 60.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-25 advisory. - A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by...

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20190125)

This update upgrades Thunderbird to version 60.4.0. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 CVE-2018-12405 - chromium-browser, firefox: Memory corruption in Angle CVE-2018-17466 - Mozilla: Use-after-free with select element CVE-2018-18492 - Mozilla:...