Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 109. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions prior to 110...

Astra Linux - уязвимость в firefox

A duplicate SystemPrincipal object can be created when parsing a non-system HTML document using DOMParser::ParseFromSafeString. This could result in bypassing web security checks. This vulnerability affects Firefox versions earlier than 109...

Astra Linux - уязвимость в chromium

A heap buffer overflow in the Network Service of Google Chrome prior to version 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page and specific interactions. Chromium security severity: High...

Astra Linux - уязвимость в firefox

When dragging and dropping an image across origins, the size of the image may be leaked. This behavior was present in version 109 and caused web compatibility issues, as well as this security concern. Therefore, this behavior was disabled until further review. This vulnerability affects Firefox...

Astra Linux - уязвимость в chromium

Type Confusion in the ServiceWorker API of Google Chrome prior to version 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

Astra Linux - уязвимость в chromium

Inappropriate implementation in the iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. Chromium security severity: Medium...

EUVD-2023-27700

Malicious code in bioql PyPI...

EUVD-2023-27704

Malicious code in bioql PyPI...

EUVD-2023-29652

Malicious code in bioql PyPI...

OPENSUSE-SU-2024:0122-1 Security update for opera

Opera was updated to fix the following issues: Update to 109.0.5097.45 CHR-9416 Updating Chromium on desktop-stable- branches DNA-114737 Search box It's getting blurred when click on it, also lower corners are not rounded sometimes DNA-115042 '+' button is not responsive when 30+ tabs opened...

SUSE CVE-2023-0128

Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2023-0138

Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...

SUSE CVE-2023-0473

Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2023-0474

Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web app. Chromium security severity: Medium...

DEBIAN-CVE-2023-0473

Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

UBUNTU-CVE-2023-0473

Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

UBUNTU-CVE-2023-0471

Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Mozilla Firefox Security Advisories (MFSA2022-54, MFSA2023-02) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Vulnerabilities fixed in Mozilla Firefox and Firefox ESR

Mozilla has fixed several vulnerabilities in Firefox and Firefox ESR. A malicious party could potentially exploit the vulnerabilities to collect system data and/or execute code under the user's privileges. Mozilla has released Firefox 109 and Firefox ESR 102.7 to address the vulnerabilities. You...

Google releases Chrome 109 with a range of bug fixes

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google Chrome 109 is being promoted to the stable channel for Windows, Mac, and Linux. It contains a number of bug fixes and improvements, including use after free in Overview Mode, a heap buffer...