28 matches found
CVE-2026-45563 Roxy-WI: IDOR — any authenticated user can read another user's full action history
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, GET /history// re-uses the serverip path parameter as a user-id when service == 'user', with no authorization check. Any authenticated user — even a guest in an unrelated group —...
CVE-2026-45563
CVE-2026-45563 affects Roxy-WI, a web interface for managing HAProxy, Nginx, Apache and Keepalived. In versions ≤ 8.2.6.4, GET /history// re-uses the server_ip path parameter as a user-id when service == 'user', without any authorization check. This enables any authenticated user (including a gue...
EUVD-2017-16819
Malware in sbrugna...
EUVD-2022-42605
Malicious code in bioql PyPI...
CVE-2022-21146
Persistent cross-site scripting in the web interface of ipDIO allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into a specific parameter. The XSS payload will be executed when a legitimate user attempts to review history...
CentOS 7 : thunderbird (CESA-2019:1309)
An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
thunderbird security update
CentOS Errata and Security Advisory CESA-2019:1310 An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Updated firefox packages fix security vulnerabilities
Updated firefox packages fix security vulnerabilities. Cross-origin theft of images with ImageBitmapRenderingContext. CVE-2018-18511 Out-of-bounds read in Skia. CVE-2019-5798 Use-after-free in pngimagefree of libpng library. CVE-2019-7317 Cross-origin theft of images with createImageBitmap...
Updated thunderbird packages fix security vulnerabilities
Updated thunderbird packages fixes bugs and security vulnerabilities: Cross-origin theft of images with ImageBitmapRenderingContext. CVE-2018-18511 Out-of-bounds read in Skia. CVE-2019-5798 Use-after-free in pngimagefree of libpng library. CVE-2019-7317 Cross-origin theft of images with...
MGASA-2019-0191 Updated firefox packages fix security vulnerabilities
Updated firefox packages fix security vulnerabilities. Cross-origin theft of images with ImageBitmapRenderingContext. CVE-2018-18511 Out-of-bounds read in Skia. CVE-2019-5798 Use-after-free in pngimagefree of libpng library. CVE-2019-7317 Cross-origin theft of images with createImageBitmap...
Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20190604)
Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 CVE-2019-9800 - Mozilla: Cross-origin theft of images with createImageBitmap CVE-2019-9797 - Mozilla: Stealing of cross-domain images using canvas CVE-2019-9817 - Mozilla: Compartment mismatch with fetch API...
RHEL 6 : thunderbird (RHSA-2019:1310)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1310 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Security Fixes: Mozilla:...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
CentOS Update for firefox CESA-2019:1265 centos7
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
firefox security update
CentOS Errata and Security Advisory CESA-2019:1267 An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Scientific Linux Security Update : firefox on SL7.x x86_64 (20190524)
This update upgrades Firefox to version 60.7.0 ESR. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 CVE-2019-9800 - Mozilla: Cross-origin theft of images with createImageBitmap CVE-2019-9797 - Mozilla: Type confusion with object groups and UnboxedObjects...
Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20190523)
Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 CVE-2019-9800 - Mozilla: Cross-origin theft of images with createImageBitmap CVE-2019-9797 - Mozilla: Type confusion with object groups and UnboxedObjects CVE-2019-9816 - Mozilla: Stealing of cross-domain imag...
RHEL 6 : firefox (RHSA-2019:1267)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1267 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Critical: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...