KLA12519 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...

Mozilla Firefox Security Advisory (MFSA2022-09) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2022-09. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 30 security fixes, including: 1313905 High CVE-2022-1477: Use after free in Vulkan. Reported by SeongHwan Park SeHwa on 2022-04-06 1299261 High CVE-2022-1478: Use after free in SwiftShader. Reported by SeongHwan Park SeHwa on 2022-02-20 1305190 High...

PT-2022-3689 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 100.0.4896.88 Description: The issue is related to a use after free in WebGPU, which can potentially allow a remote attacker to exploit heap corruption via a crafted HTML page. This could enable the attacker to...

CentOS 7 : firefox (RHSA-2022:0824)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0824 advisory. - xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a...

CentOS 7 : thunderbird (RHSA-2022:0850)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0850 advisory. - It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of- bounds write of one byte when processing t...

SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:0804-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0804-1 advisory. - Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had...

Security fix for the ALT Linux 10 package thunderbird version 91.6.2-alt1

91.6.2-alt1 built March 15, 2022 Pavel Vasenkov in task 296375 March 8, 2022 Pavel Vasenkov - New version. - Security fixes: + CVE-2022-26485 Use-after-free in XSLT parameter processing + CVE-2022-26486 Use-after-free in WebGPU IPC Framework...

Mozilla: Use-after-free in WebGPU IPC Framework

An unexpected message in the WebGPU IPC framework could lead to an exploitable sandbox escape and a use-after-free issue. An attacker with enough privileges could exploit this flaw leading to a complete system compromise...

Mozilla: Use-after-free in WebGPU IPC Framework

An unexpected message in the WebGPU IPC framework could lead to an exploitable sandbox escape and a use-after-free issue. An attacker with enough privileges could exploit this flaw leading to a complete system compromise...

Mozilla: Use-after-free in WebGPU IPC Framework

An unexpected message in the WebGPU IPC framework could lead to an exploitable sandbox escape and a use-after-free issue. An attacker with enough privileges could exploit this flaw leading to a complete system compromise...

Mozilla: Use-after-free in WebGPU IPC Framework

An unexpected message in the WebGPU IPC framework could lead to an exploitable sandbox escape and a use-after-free issue. An attacker with enough privileges could exploit this flaw leading to a complete system compromise...

Mozilla: Use-after-free in WebGPU IPC Framework

An unexpected message in the WebGPU IPC framework could lead to an exploitable sandbox escape and a use-after-free issue. An attacker with enough privileges could exploit this flaw leading to a complete system compromise...

Oracle Linux 8 : thunderbird (ELSA-2022-0845)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-0845 advisory. 91.7.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 91.7.0-2 - Update to 91.7.0 build2 91.7.0-1 - Upda...

Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:0824)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0824-1 advisory. - Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 - Mozilla: Use-after-free in WebGPU IPC Framework CVE-2022-26486 - expat:...

RHEL 8 : firefox (RHSA-2022:0816)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0816 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

SUSE: Security Advisory (SUSE-SU-2022:0804-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security fix for the ALT Linux 10 package firefox-esr version 91.6.1-alt1

91.6.1-alt1 built March 11, 2022 Pavel Vasenkov in task 296362 March 7, 2022 Pavel Vasenkov - New ESR version. - Security fixes: + CVE-2022-26485 Use-after-free in XSLT parameter processing + CVE-2022-26486 Use-after-free in WebGPU IPC Framework...

OPENSUSE-SU-2022:0804-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 91.6.2 bsc1196809: - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework...

Mozilla: Use-after-free in WebGPU IPC Framework

An unexpected message in the WebGPU IPC framework could lead to an exploitable sandbox escape and a use-after-free issue. An attacker with enough privileges could exploit this flaw leading to a complete system compromise...