17 matches found
EUVD-2014-5331
Malware in sbrugna...
EUVD-2022-37424
Malicious code in bioql PyPI...
TencentOS Server 2: thunderbird (TSSA-2023:0124)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0124 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
CVE-2022-34469
When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. This bug...
GLSA-202312-03 : Mozilla Thunderbird: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202312-03 Mozilla Thunderbird: Multiple Vulnerabilities - In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This...
Rocky Linux 9 : thunderbird (RLSA-2023:3587)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3587 advisory. - The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from...
CVE-2023-34414
The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a sit...
CVE-2023-34414
The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user clicks in precise locations immediately before navigating to a sit...
Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-157-01)
The version of mozilla-firefox installed on the remote host is prior to 102.12.0esr / 114.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-157-01 advisory. - The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses...
SUSE CVE-2022-34469
When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. This bug...
CVE-2022-34469
When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. This bug...
Security Vulnerabilities fixed in Firefox 102 — Mozilla
A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Linux. Other operating systems are unaffected. Session history navigations may...
Mageia: Security Advisory (MGASA-2014-0500)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Workspace App for Linux 1906 giving “Unacceptable TLS Certificate” error
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company's Help Desk/IT support team and can refer to CTX297149 for more information. With the Citrix Workspace App for Linux 1906 and above, if you are using a SAML store with AuthV3, a...
MGASA-2014-0500 Updated geary package fixes security vulnerability
Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate CVE-2014-5444...
CVE-2014-5444
Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate...
CVE-2014-5444
Geary before 0.6.3 does not present the user with a warning when a TLS certificate error is detected, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted certificate...