113074 matches found
Important: Red Hat Security Advisory: nginx:1.24 security update
An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module
A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngxhttpdavmodule module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to...
nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files
A flaw was found in NGINX's ngxhttpmp4module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead ...
NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file
A flaw was found in NGINX Open Source, specifically within the ngxhttpmp4module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resultin...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Telemetry component...
firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Undefined behavior in the WebRTC: Signaling component...
firefox: thunderbird: Privilege escalation in the Netmonitor component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Netmonitor component...
firefox: thunderbird: Uninitialized memory in the Graphics: Canvas2D component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Uninitialized memory in the Graphics: Canvas2D component...
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video component...
firefox: thunderbird: Information disclosure in the Widget: Cocoa component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure in the Widget: Cocoa component...
firefox: thunderbird: Incorrect boundary conditions in the Graphics component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics component...
firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Canvas2D component...
firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Undefined behavior in the WebRTC: Signaling component...
firefox: thunderbird: Use-after-free in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...
firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...
firefox: thunderbird: Use-after-free in the Layout: Text and Fonts component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Layout: Text and Fonts component...
firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics component...
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Playback component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Playback component...
firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corrupti...
firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume th...
firefox: thunderbird: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component...
firefox: thunderbird: Incorrect boundary conditions in the Graphics component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics component...
firefox: thunderbird: Use-after-free in the Widget: Cocoa component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Widget: Cocoa component...
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video component...
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: GMP component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: GMP component...
firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Canvas2D component...
firefox: thunderbird: Denial-of-service in the WebRTC: Signaling component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service in the WebRTC: Signaling component...
firefox: thunderbird: JIT miscompilation in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine component...
firefox: thunderbird: Mitigation bypass in the Networking: HTTP component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the Networking: HTTP component...
firefox: thunderbird: Incorrect boundary conditions in the Layout: Text and Fonts component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Layout: Text and Fonts component...
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...
firefox: thunderbird: Sandbox escape in the Responsive Design Mode component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Responsive Design Mode component...
firefox: thunderbird: Sandbox escape due to use-after-free in the Disability Access APIs component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...
firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Canvas2D component...
thunderbird: Spoofing issue in Thunderbird
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in Thunderbird...
firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the CSS Parsing and Computation component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
firefox: thunderbird: Race condition, use-after-free in the Graphics: WebRender component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Race condition, use-after-free in the Graphics: WebRender component...
thunderbird: Out of bounds read in IMAP parsing
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...
firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Canvas2D component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
firefox: thunderbird: Incorrect boundary conditions in the Graphics: Text component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Text component...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Important: Red Hat Security Advisory: Red Hat Quay 3.9.20
Red Hat Quay 3.9.20 is now available with bug fixes. Quay 3.9.20...
NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
A flaw was found in NGINX, specifically within the ngxmailauthhttpmodule. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of...
NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module
A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngxhttpdavmodule module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to...
Important: Red Hat Security Advisory: nginx:1.24 security update
An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file
A flaw was found in NGINX Open Source, specifically within the ngxhttpmp4module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resultin...
nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files
A flaw was found in NGINX's ngxhttpmp4module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead ...