Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987116)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987116 advisory. In the Linux kernel, the following vulnerability has been resolved: "drm/nouveau: fix off by one in BIOS boundary checking". Bounds checking when parsing init scripts...
Mozilla: Potential leak of redirect targets when loading scripts in a worker
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox 79, Firefox ESR 68.11, Firefox ESR 78.1, Thunderbird 68.11, and Thunderbi...
Grammarly: Handling of `tracking` command allows making arbitrary blind requests with user's cookies from Grammarly Extension's origin
Summary: An attacker could trigger the Grammarly extension's gnar.fetch command using a crafted page to perform XHR with cookies and any configurational params to any cross-origin resource. Description: Page could Init Grammarly popup editor no user gesture, helper Events have isTrusted property, which...
CVE-2017-10955
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection Advisor 6.3.0. Authentication is required to exploit this vulnerability. The specific flaw exists within the EMC DPA Application service, which listens on TCP port 9002 by...
Cyrus Sieve / libSieve buffer overflow
Problem: Cyrus' Sieve implementation contains a couple of classic string-based buffer overflows in script parsing code. Anyone who can execute Sieve scripts can exploit these bugs. Versions up to libSieve 2.1.2 and Cyrus IMAP 2.1.10 are affected. Note that with Cyrus IMAP server exploiting...