33 matches found
MAL-2026-4805 Malicious code in metricflow-tracker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9a1c269ce5e462d7e555ce1ca34b7f2e54e3d34ea094d35a67aa7c61d1fe34e The package's exported Metricflow React component defaults serverUrl to http://51.38.65.105:21531 and, when rendered, appends a tag to document.head ...
Astra Linux - уязвимость в thunderbird, firefox
Module load requests that failed were not checked to determine whether they had been cancelled, resulting in a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2025-14498
TradingView Desktop Electron Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TradingView Desktop. An attacker must first obtain the ability to execute low-privileged code on the target...
firefox: thunderbird: Script element events leaked cross-origin resource status
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Script elements loading cross-origin resources generate load and error events which can leak information enabling XS-Leaks attacks...
firefox: thunderbird: Script element events leaked cross-origin resource status
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Script elements loading cross-origin resources generate load and error events which can leak information enabling XS-Leaks attacks...
CVE-2024-6449
HyperView Geoportal Toolkit in versions lower than 8.5.0 does not restrict cross-domain requests when fetching remote content pointed by one of GET request parameters. An unauthenticated remote attacker can prepare links, which upon opening will load scripts from a remote location controlled by t...
DEBIAN-CVE-2023-25739
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25739
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25739
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Oracle Linux 7 : thunderbird (ELSA-2023-0817)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-0817 advisory. 102.8.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.8.0-2 - Update to...
MGASA-2023-0056 Updated firefox packages fix security vulnerability
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled CVE-2023-0767. The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...
Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
The Mozilla Foundation Security Advisory describes this flaw as: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext...