MiracleLinux 9 : thunderbird-102.14.0-1.el9.ML.1 (AXSA:2023-6344:22)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6344:22 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...

MiracleLinux 8 : firefox-102.14.0-1.el8.ML.1 (AXSA:2023-6318:29)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6318:29 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...

RLSA-2023:4499 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Security Fixes: Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation CVE-2023-4046 Mozilla:...

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. This updat...

Mozilla: Stack buffer overflow in StorageManager

The Mozilla Foundation Security Advisory describes this flaw as: In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update ...

Mozilla: Stack buffer overflow in StorageManager

The Mozilla Foundation Security Advisory describes this flaw as: In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape...

Mozilla: Stack buffer overflow in StorageManager

The Mozilla Foundation Security Advisory describes this flaw as: In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape...

RHEL 8 : thunderbird (RHSA-2023:4496)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4496 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Security Fixes: Mozilla...

Mozilla: Stack buffer overflow in StorageManager

The Mozilla Foundation Security Advisory describes this flaw as: In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape...

Mozilla: Stack buffer overflow in StorageManager

The Mozilla Foundation Security Advisory describes this flaw as: In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape...

RHEL 8 : firefox (RHSA-2023:4464)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4464 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Mozilla Firefox Security Advisories (MFSA2023-26, MFSA2023-31) - Windows

Mozilla Firefox is prone to multiple use-after-free vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Mozilla Thunderbird Security Advisories (MFSA2023-29, MFSA2023-32) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Samsung SMR Access Control Error Vulnerability (CNVD-2022-63645)

Samsung SMR is a system patch package from South Korea's Samsung Samsung. It provides patches for Samsung mobile applications.Samsung SMR suffers from an access control error vulnerability, which stems from incorrect access control and path traversal in StroageManager and StroageManagerService. A...

Samsung SMR 安全漏洞

Samsung SMR is a system patch package from South Korea's Samsung Samsung. It provides patches for Samsung mobile applications.Samsung SMR suffers from an access control error vulnerability, which stems from incorrect access control and path traversal in StroageManager and StroageManagerService. A...

Synology DiskStation Manager smart.cgi - Remote Command Execution

This Metasploit module exploits a vulnerability found in Synology DiskStation Manager DSM versions prior to 5.2-5967-5... This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule \d+&minor=?\d+&build=?\d...

Synology DiskStation Manager smart.cgi Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x.freeze def initializeinfo = super updateinfo info, 'Name' = 'Synology DiskStation...

Synology StorageManager 5.2 Remote Command Execution

''' SSD Advisory a Synology StorageManager smart.cgi Remote Command Execution Full report: https://blogs.securiteam.com/index.php/archives/3540 Twitter: @SecuriTeamSSD Weibo: SecuriTeamSSD i?Vulnerability Summary The following advisory describes a remote command execution vulnerability found in...

Synology StorageManager smart.cgi Remote Command Execution

Vulnerability Summary The following advisory describes a remote command execution vulnerability found in Synology StorageManager. Storage Manager is “a management application that helps you organize and monitor the storage capacity on your Synology NAS. Depending on the model and number of...