Fedora: Security Advisory for golang-x-text (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-x-text-0.3.7-2.fc36

Text is a repository of text-related packages related to internationalization i18n and localization l10n, such as character encodings, text transformations, and locale-specific text handling...

Velociraptor Version 0.6.5: Table Transformations, Multi-Lingual Support, and Better VQL Error-Handling Let You Dig Deeper Than Ever

Rapid7 is pleased to announce the release of Velociraptor version 0.6.5 – an advanced, open-source digital forensics and incident response DFIR tool that enhances visibility into your organization’s endpoints. This release has been in development and testing for several months now, and we are...

CVE-2022-30522 mod_sed denial of service

If Apache HTTP Server 2.4.53 is configured to do transformations with modsed in contexts where the input to modsed may be very large, modsed may make excessively large memory allocations and trigger an abort...

USN-5358-2 linux-aws-5.4, linux-aws-5.13, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.13, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-ibm, linux-ibm-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 It was discovered that the IPsec implementati...

USN-5358-2: Linux kernel vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 It was discovered that the IPsec implementati...

Mozilla: Use-after-free in XSLT parameter processing

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Removing an XSLT parameter during processing could have led to an exploitable use-after-free issue. There were reports of attacks in the wild abusing this flaw...

Mozilla: Use-after-free in XSLT parameter processing

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Removing an XSLT parameter during processing could have led to an exploitable use-after-free issue. There were reports of attacks in the wild abusing this flaw...

Horde Webmail 5.2.22 - Account Takeover via Email

Horde Webmail is a free, enterprise-ready, and browser-based communication suite developed by the Horde project. It is a popular webmail solution for universities and government agencies to exchange sensitive email messages on a daily basis. It is also shipped as part of the popular hosting...

The vulnerability in the isolated iframe environment of Thunderbird email clients, as well as Firefox and Firefox ESR browsers, allows an attacker to bypass the isolated JavaScript iframe environment and execute arbitrary JavaScript code in a random window.

The vulnerability in the isolated iframe environment of Thunderbird email clients, as well as Firefox and Firefox ESR browsers, relates to exploiting security restrictions during the execution of XSLT transformations using iframe-based environments. Exploiting this vulnerability allows an attacke...

Mozilla: Iframe sandbox bypass with XSLT

The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox...

Mozilla: Iframe sandbox bypass with XSLT

The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox...

Mozilla: Iframe sandbox bypass with XSLT

The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox...

Mozilla Firefox 安全特征问题漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security signature issue vulnerability exists in Mozilla Firefox due to an error in the implementation of the iframe sandbox when processing XSLT markup. A remote attacker can bypass the iframe sandbox and execute...

The vulnerability of the Mozilla Firefox browser and the Mozilla Thunderbird email client, related to errors in cryptographic transformations, allows attackers to perform spear-phishing attacks.

The vulnerability of the Mozilla Firefox browser and the Mozilla Thunderbird email client is related to errors in cryptographic transformations. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

The vulnerability of the Mozilla Firefox browser and the Mozilla Thunderbird email client, related to errors in cryptographic transformations, allows attackers to perform spear-phishing attacks.

The vulnerability of the Mozilla Firefox browser is related to errors in cryptographic transformations. Exploiting this vulnerability allows a remote attacker to conceal notifications for pages and perform spear-phishing attacks...

The vulnerability of the Distributed File component in the HarmonyOS operating system, related to errors in cryptographic transformations, allows attackers to read and delete images from Harmony devices.

The vulnerability of the Distributed File component in the HarmonyOS operating system is related to errors in cryptographic transformations. Exploiting this vulnerability allows a malicious actor to remotely read and delete images from Harmony devices...

Mozilla: iframe sandbox rules did not apply to XSLT stylesheets

The Mozilla Foundation Security Advisory describes this flaw as: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame...

Mozilla Firefox Security Advisory (MFSA2016-27) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Mozilla: iframe sandbox rules did not apply to XSLT stylesheets

The Mozilla Foundation Security Advisory describes this flaw as: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame...