16 matches found
EUVD-2023-53937
Malicious code in bioql PyPI...
OESA-2025-1267 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additiona...
OESA-2025-1266 firefox security update
Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbag...
USN-6333-1: Thunderbird vulnerabilities
Junsung Lee discovered that Thunderbird did not properly validate the text direction override unicode character in filenames. An attacker could potentially exploits this issue by spoofing file extension while attaching a file in emails. CVE-2023-3417 Max Vlasov discovered that Thunderbird Offscre...
Debian DSA-5464-1 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5464 advisory. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the...
AlmaLinux 9 : firefox (ALSA-2023:4462)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4462 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...
Oracle Linux 7 : firefox (ELSA-2023-4461)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-4461 advisory. 102.14.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add...
AlmaLinux 8 : firefox (ALSA-2023:4468)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4468 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...
CVE-2023-4046
The Mozilla Foundation Security Advisory describes this flaw as: In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process...
USN-6267-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-4047, CVE-2023-4048,...
Mozilla Thunderbird < 102.14
The version of Thunderbird installed on the remote Windows host is prior to 102.14. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-32 advisory. - Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and...
CVE-2023-4046
In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...
Security Vulnerabilities fixed in Firefox ESR 115.1 — Mozilla
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect...
Security Vulnerabilities fixed in Firefox ESR 102.14 — Mozilla
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect...
Google Chrome 78.0.3904.70 - Remote Code Execution
Exploit Title: Google Chrome 78.0.3904.70 - Remote Code Execution Date: 2022-05-03 Exploit Author: deadlock Forrest Orr Type: RCE Platform: Windows Website: https://forrest-orr.net Twitter: https://twitter.com/ForrestOrr Vendor Homepage: https://www.google.com/chrome/ Software Link:...
Google Chrome 78.0.3904.70 Remote Code Execution
Exploit Title: Google Chrome 78.0.3904.70 - Remote Code Execution Date: 2022-05-03 Exploit Author: deadlock Forrest Orr Type: RCE Platform: Windows Website: https://forrest-orr.net Twitter: https://twitter.com/ForrestOrr Vendor Homepage: https://www.google.com/chrome/ Software Link:...