1179 matches found
DEBIAN-CVE-2022-3028
A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...
MAL-2022-1409 Malicious code in babel-plugin-transfvrm-rvntime (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a81b30912fad1ce99bf876e2494d9b453fb18c220c6bb64401b3ef47b177394 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1415 Malicious code in babel-pzugin-transform-es2015-modues-commonjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f487dcb86915ec1bb46550b2f2a4b5cc2d0deb6cdabc7fb8b3ca164467e27876 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in babelplugintransfomreactremoveproptypes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 118d5e800455cde3fd9da5c424f41242c449f5bdb4665b9f989cffe0d63e215c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in babelpugintransformreactjsx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c5382dcc5be3a730f882330e09a06e62a180f32a8cb289d9f1dcd438ca6e2d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1420 Malicious code in babelllugintransformes2015modulescommonjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 85a16e3db18168e71a2eeec8f9190a55ae782642089ef8b41719535a6a434a82 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
UBUNTU-CVE-2022-38228
XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc...
XPDF 缓冲区错误漏洞
XPDF is an open source PDF reader from FOO Labs. The product supports decoding files in LZW compressed format and reading encrypted PDF files. XPDF suffers from a buffer error vulnerability that stems from DCTStream::transformDataUnit in /xpdf/Stream.cc contains a heap buffer overflow...
AlmaLinux 8 : firefox (5777) (ALSA-2022:5777)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:5777 advisory. - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102. Some of these bugs showed evidence of memory...
Oracle Linux 8 : thunderbird (ELSA-2022-5774)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-5774 advisory. 91.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.12.0-1 - Update to 91.12.0 build1 Tenable has...
Oracle Linux 9 : firefox (ELSA-2022-5767)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-5767 advisory. 91.12.0-2.0.1 - Removed Upstream references 91.12.0-1 - Update to 91.12.0 build1 Tenable has extracted the preceding description block directly from th...
Oracle Linux 8 : firefox (ELSA-2022-5777)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-5777 advisory. 91.12.0-2.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.12.0-1 - Update to 91.12...
Mozilla: Mouse Position spoofing with CSS transforms
The Mozilla Foundation Security Advisory describes this flaw as: When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed...
Mozilla: Mouse Position spoofing with CSS transforms
The Mozilla Foundation Security Advisory describes this flaw as: When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed...
Mozilla: Mouse Position spoofing with CSS transforms
The Mozilla Foundation Security Advisory describes this flaw as: When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed...
Mozilla: Mouse Position spoofing with CSS transforms
The Mozilla Foundation Security Advisory describes this flaw as: When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed...
Mozilla: Mouse Position spoofing with CSS transforms
The Mozilla Foundation Security Advisory describes this flaw as: When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed...
Mozilla: Mouse Position spoofing with CSS transforms
The Mozilla Foundation Security Advisory describes this flaw as: When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed...
Oracle Linux 7 : thunderbird (ELSA-2022-5773)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-5773 advisory. 91.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 91.12.0-1 - Update to...
Mozilla Thunderbird < 91.12
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 91.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-31 advisory. - When combining CSS properties for overflow and transform, the mouse cursor could interact with different...