RLSA-2022:0818 Critical: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.7.0 ESR. Security Fixes: Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 Mozilla: Use-after-free in WebGPU IPC Framework...

Moodle CVE-2019-14879 Security Bypass Vulnerability

Description Moodle is prone to a security-bypass vulnerability. Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. Moodle version 3.7 through 3.7.2, 3.6 through 3.6.6, 3.5 through 3.5...

Cisco Unified Customer Voice Portal Denial of Service Vulnerability

A vulnerability in the application server of the Cisco Unified Customer Voice Portal CVP could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to malformed SIP INVITE traffic received on the CVP during...

MacOS X 10.1.x SoftwareUpdate Arbitrary Package Installation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5176/info A vulnerability has been reported for MacOS X where an attacker may use SoftwareUpdate to install malicious software on the vulnerable system. SoftwareUpdate uses HTTP, without any authentication, to obtain...

JVN#70502960: phpWebSite vulnerable to cross-site scripting

phpWebSite is a content management system CMS. phpWebSite contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products...

CVE-2002-0676

SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates...

Apple Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation

source: https://www.securityfocus.com/bid/5176/info A vulnerability has been reported for MacOS X where an attacker may use SoftwareUpdate to install malicious software on the vulnerable system. SoftwareUpdate uses HTTP, without any authentication, to obtain updates from Apple. Any updated packag...

MacOS X SoftwareUpdate Vulnerability

---------------------------------------------------------------------------- MacOS X SoftwareUpdate Vulnerability. ---------------------------------------------------------------------------- Date: July 6, 2002 Version: MacOS 10.1.X and possibly 10.0.X Problem: MacOS X SoftwareUpdate connects to...

Apple Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation

Apple Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation source: https://www.securityfocus.com/bid/5176/info A vulnerability has been reported for MacOS X where an attacker may use SoftwareUpdate to install malicious software on the vulnerable system. SoftwareUpdate uses HTTP, without...