18 matches found
EUVD-2018-10082
Malware in sbrugna...
CVE-2024-22424 Cross-Site Request Forgery (CSRF) in github.com/argoproj/argo-cd
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery CSRF attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo C...
RHEL 9 : firefox (RHSA-2022:8979)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8979 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
thunderbird security update
CentOS Errata and Security Advisory CESA-2022:8555 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
RHEL 8 : firefox (RHSA-2022:8554)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8554 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
ALSA-2022:8554 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.5.0 ESR. Security Fixes: Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen...
RHEL 8 : thunderbird (RHSA-2022:8544)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:8544 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.5.0. Security Fixes: Mozilla:...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.5.0 ESR. Security Fixes: Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen...
Authentication Bypass
firefox is vulnerable to authentication bypass. The vulnerability exists when a ServiceWorker intercepted a request with FetchEvent which allows an attacker to bypass SameSite cookie policy by sending malicious requests...
Debian: Security Advisory (DLA-3199-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3199-1] firefox-esr security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3199-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort November 17, 2022 https://wiki.debian.org/LTS -...
Mozilla Firefox ESR Security Advisories (MFSA2022-47, MFSA2022-49) - Mac OS X
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Mozilla Firefox Security Advisory (MFSA2022-47) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CVE-2018-18351
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page...
Design/Logic Flaw
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page...
CVE-2018-18351
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page...
CVE-2018-18351
CVE-2018-18351 is a Chromium/Google Chrome vulnerability described in connected sources as an access restriction bypass in the Navigation component, caused by insufficient policy enforcement that allows bypassing the SameSite cookie policy via a crafted HTML page. Affected product: Chromium/Chrom...