Mozilla Thunderbird < 91.12

The version of Thunderbird installed on the remote Windows host is prior to 91.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-31 advisory. - When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinat...

CVE-2022-36319

The Mozilla Foundation Security Advisory describes this flaw as: When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed...

Security Vulnerabilities fixed in Thunderbird 91.12 — Mozilla

When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. When visiting directory listings for chrome:// URLs as source text, some parameters were reflected...

CVE-2022-36319

When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...

Mozilla Firefox ESR < 91.12

The version of Firefox ESR installed on the remote Windows host is prior to 91.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-29 advisory. - When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinat...

UBUNTU-CVE-2022-36319

When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...

Mozilla Firefox < 103.0

The version of Firefox installed on the remote Windows host is prior to 103.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-28 advisory. - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs...

Security Vulnerabilities fixed in Firefox ESR 91.12 — Mozilla

When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. When visiting directory listings for chrome:// URLs as source text, some parameters were reflected...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox versions 90.0 through 102.0.1, which stems from an error related to mouse pointer positioning when combining CSS properties for overflow and transformations, which can be...

USN-5525-1: Apache XML Security for Java vulnerability

It was discovered that Apache XML Security for Java incorrectly passed a configuration property when creating specific key elements. This allows an attacker to abuse an XPath Transform to extract sensitive information...

USN-5525-1 libxml-security-java vulnerability

It was discovered that Apache XML Security for Java incorrectly passed a configuration property when creating specific key elements. This allows an attacker to abuse an XPath Transform to extract sensitive information...

xml-security: XPath Transform abuse allows for information disclosure

All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any...

be-iq_shared-styled-components (=0.0.26) potentially affected by unknown CVE via plugin-transform-react-jsx (=0.0.1-security)

plugin-transform-react-jsx NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on plugin-transform-react-jsx and may be impacted: - be-iqshared-styled-components =0.0.26 Source cves: unknown CVE Source advisory: OSV:MAL-2022-5373...

Malicious code in plugin-transform-react-jsx (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f27c2a663077678179b48cd4851aa8b5aa144a1d4ef1e3bb2cf05526d0b1c7c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5374 Malicious code in plugin-transform-typeof-symbol (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d37e14c9688f52a303b8670134fee30325028b9e1c7cf0ca5c0873e69ed3016 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2022-26976

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization in the upload mechanism is leads to reflected XSS...

CVE-2022-26974

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a file upload mechanism. Lack of input sanitization in the upload mechanism leads to reflected XSS...

CVE-2022-26978

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /checklogin.jsp endpoint. The osusername parameters is not correctly sanitized, leading to reflected XSS...

CVE-2022-26977

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is leads to stored XSS...

CVE-2022-26977

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is leads to stored XSS...