2183 matches found
Important: Red Hat Security Advisory: stunnel security update
An update for stunnel is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
FHEM 信息泄露漏洞
FHEM is a Perl-based server-side program from the FHEM community for controlling smart devices for house automation. The program runs as a server and you can control it directly via web or smartphone front-end, telnet or TCP / IP to automate some common tasks in your home, such as switching on/of...
CVE-2020-26974
When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR...
CVE-2020-26974
When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR...
CVE-2020-26974
CVE-2020-26974 is a Firefox/Thunderbird vulnerability where using flex-basis on a table wrapper could cause a StyleGenericFlexBasis object to be cast to the wrong type, leading to a heap use-after-free and memory corruption, potentially crashing the browser. Affected: Firefox <84, Thunderbird ...
Censys-Python - An Easy-To-Use And Lightweight API Wrapper For The Censys Search Engine
An easy-to-use and lightweight API wrapper for the Censys Search Engine censys.io. Python 3.6+ is currently supported. Getting Started The library can be installed using pip. $ pip install censys To configure your credentials run censys config or set both CENSYSAPIID and CENSYSAPISECRET environme...
CVE-2020-28949
A flaw was found in the ArchiveTar package. PEAR ArchiveTar could allow a local authenticated attacker to bypass security restrictions caused by a stream-wrapper attack. An attacker can overwrite arbitrary files on the system using a specially-crafted tar archive...
Android Studio Privilege Escalation
Video and POC here : https://www.youtube.com/watch?v=hAPkSGxh9H0 When you open a project in android studio, if gradle-wrapper.properties set distributionUrl=https:// services.gradle.org/distributions/gradle-2.6-all.zip , then android studio will download and extract gradle-2.6-all.zip, jar file i...
Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
The Mozilla Foundation Security Advisory describes this flaw as: When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash...
Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
The Mozilla Foundation Security Advisory describes this flaw as: When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash...
Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
The Mozilla Foundation Security Advisory describes this flaw as: When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash...
Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
The Mozilla Foundation Security Advisory describes this flaw as: When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash...
Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
The Mozilla Foundation Security Advisory describes this flaw as: When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash...
Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
The Mozilla Foundation Security Advisory describes this flaw as: When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash...
Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
The Mozilla Foundation Security Advisory describes this flaw as: When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash...
Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
The Mozilla Foundation Security Advisory describes this flaw as: When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash...
Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
The Mozilla Foundation Security Advisory describes this flaw as: When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash...
Mozilla Firefox 缓冲区错误漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox. When using flex-basis on a table wrapper, StyleGenericFlexBasis objects may be incorrectly converted to the wrong type. This would result in a heap...
UBUNTU-CVE-2020-26974
When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR...
Security Vulnerabilities fixed in Thunderbird 78.6 — Mozilla
When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read. Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. Certain input to the CSS Sanitizer confused it,...