EUVD-2023-29652

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-28177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 110. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could ha...

CVE-2023-25735

Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

CVE-2023-25740

After downloading a Windows .scf script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.This bug only affects Firefox for Windows. Other...

Mozilla Firefox Security Advisories (MFSA2023-04, MFSA2023-06) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Unspecified Vulnerability in Mozilla Firefox (CNVD-2023-68437)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 110, which stems from an invalid down conversion in GetTableSelectionMode, and can be exploited by attackers to cause undefined...

SUSE CVE-2023-25743

A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.This bug only affects Firefox Focus. Other versions of Firefox are unaffected.. This vulnerability affects Firefox 110 and Firefox ESR 102.8...

SUSE CVE-2023-0703

Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. Chromium security severity: Medium...

Chrome 110 Tackles a Collection of Security Weaknesses

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google Chrome version 110 is now being rolled out to the stable channels for Windows, Mac, and Linux users. This update includes bug fixes and improvements, specifically addressing security issues...

openssl-sys (>=0.9.35 <=0.9.37) potentially affected by CVE-2023-0286 via openssl-src (=110.0.7+1.1.0i)

openssl-src CARGO version =110.0.7+1.1.0i is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - openssl-sys =0.9.35, =0.9.37 Source cves: CVE-2023-0286 Source advisory: OSV:GHSA-X4QR-2FVF-3MR5...

UBUNTU-CVE-2023-0703

Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. Chromium security severity: Medium...

UBUNTU-CVE-2023-0698

Out of bounds read in WebRTC in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...