5 matches found
Astra Linux – Vulnerability in nss
During RSA key generation, bignum implementations used a variant of the Binary Extended Euclidean Algorithm, which involved significant input-dependent processing. This allowed attackers to perform electromagnetic-based side-channel attacks to capture traces that could lead to the recovery of...
MiracleLinux 8 : firefox-78.10.0-1.0.1.el8 (AXSA:2021-1733:13)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1733:13 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...
Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...
Mozilla: WebRTC permission prompt could have been bypassed by a compromised content process
When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox 78...
chromium-browser: use-after-free in bluetooth
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...