23 matches found
MiracleLinux 9 : thunderbird-115.4.1-1.el9.ML.1 (AXSA:2023-6564:30)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6564:30 advisory. Mozilla: Queued up rendering could have allowed websites to clickjack (CVE-2023-5721); Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR...
Fedora 43 : chromium (2026-65945d88e4)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-65945d88e4 advisory. Update to 144.0.7559.59. CVE-2026-0899: Out of bounds memory access in V8; CVE-2026-0900: Inappropriate implementation in V8; CVE-2026-0901:...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Ubuntu: Security Advisory (USN-7566-1)
The remote host is missing an update for the...
[SECURITY] [DSA 4906-1] chromium security update
Debian Security Advisory DSA-4906-1 https://www.debian.org/security/ Michael Gilbert April 27, 2021 https://www.debian.org/security/faq...
1-Click iPhone and Android Exploits Target Tibetan Users via WhatsApp
A team of Canadian cybersecurity researchers has uncovered a sophisticated and targeted mobile hacking campaign that is targeting high-profile members of various Tibetan groups with one-click exploits for iOS and Android devices. Dubbed Poison Carp by University of Toronto's Citizen Lab, the...
The Great DOM Fuzz-off of 2017
Posted by Ivan Fratric, Project Zero. Introduction: Historically, DOM engines have been one of the largest sources of web browser bugs. And while in the recent years the popularity of those kinds of bugs in targeted attacks has somewhat fallen in favor of Flash which allows for cross-browser exploi...
Learn Spanish. Speak Spanish - Dangerous filesystem permissions, MIT license, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Learn Spanish. Speak Spanish published at the 'play' market has multiple vulnerabilities...
Mozilla: Miscellaneous memory safety hazards (rv:31.4) (MFSA 2015-01)
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...
MS14-056: Cumulative Security Update for Internet Explorer (2987107)
The remote host is missing Internet Explorer (IE) Security Update 2987107. The version of Internet Explorer installed on the remote host is affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An attacker can exploit these by convincing a user to...
MS14-052: Cumulative Security Update for Internet Explorer (2977629)
The remote host is missing Internet Explorer (IE) Security Update 2977629. The version of Internet Explorer installed on the remote host is affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An attacker can exploit these by convincing a user to...
Debian Security Advisory DSA 2883-1 (chromium-browser - security update)
Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-6653: Khalil Zhani discovered a use-after-free issue in chromium's web contents color chooser. CVE-2013-6654: TheShow3511 discovered an issue in SVG handling. CVE-2013-6655: cloudfuzzer discovered a use-after-free iss...
[BeEF 0.4.3.8] Browser Exploitation Framework
The Browser Exploitation Framework (BeEF) is a powerful professional security tool. It is a penetration testing tool that focuses on the web browser. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack vectors. Unlike other security...
Even Without Browser Flaws, Attackers Have the Upper Hand on the Web
TORONTO–If the spate of vulnerabilities and sophisticated attacks against browsers in the last couple of years has done nothing else, it’s certainly shown just how vulnerable users are as they go about their daily business on the Web. In a talk at the SecTor conference, a researcher showed severa...
How to Get Owned in One Easy Step
As 2009 draws to a close, one thing has become clear: The most dangerous piece of software on your PC isn’t a banking Trojan or a bot; it’s your Web browser. The Web browser has become the main focal point of attackers’ attention and the frequency with which new vulnerabilities are found in all o...
seamonkey security update
CentOS Errata and Security Advisory CESA-2008:1037-01 Updated seamonkey packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3, and Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat...
Internet Explorer Heap Spray Shell Code Execution (MS06-055 MS06-067; CVE-2006-4446; CVE-2006-4777; CVE-2006-4868; CVE-2009-2991)
Heap spraying is a new and increasingly popular technique to exploit vulnerabilities in Internet browsers. Heap spraying is used by attackers to implant a shell code on a target system. Shell code is a piece of executable code that opens a command shell that the attacker can control remotely...
Firefox < 1.0.2 Multiple Vulnerabilities
The remote version of Firefox contains various security issues that may allow an attacker to impersonate a website and to trick a user into accepting and executing arbitrary files or to cause a heap overflow in the Firefox process and execute arbitrary code on the remote host.
Opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2)
source: https://www.securityfocus.com/bid/11712/info Multiple remote vulnerabilities reportedly affect the Opera Web Browser Java implementation. These issues are due to the insecure proprietary design of the Web browser's Java implementation. These issues may allow an attacker to craft a Java...