Download
| Alert*
oval:org.secpod.oval:def:63043
The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:63042 The host is installed with Google Chrome before 81.0.4044.138 and is prone to a stack buffer overflow vulnerability in speech recognizer. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:63041 The host is installed with Google Chrome before 81.0.4044.138 and is prone to a stack buffer overflow vulnerability in speech recognizer. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:63038 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:63037 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:63517 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:63497 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:503740 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 ... oval:org.secpod.oval:def:503741 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 ... oval:org.secpod.oval:def:505259 Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 81.0.4044.138. Security Fix: * chromium-browser: Type Confusion in Blink * usrsctp: Buffer overflow in AUTH chunk input validation For more details about the security issue, including the impact, a ... oval:org.secpod.oval:def:503737 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 ... oval:org.secpod.oval:def:63000 The host is missing a critical security update according to Mozilla advisory, MFSA2020-18. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:64139 Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:503742 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:503743 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:503744 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:66549 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:62999 The host is missing a critical severity security update according to Mozilla advisory, MFSA2020-17. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:64118 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:89050384 This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR : - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020 ... oval:org.secpod.oval:def:62982 The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaw is present in the application, which fails to handle crafted data. Successful exploitation allows attackers to have unspecified impact. oval:org.secpod.oval:def:62984 The host is installed with Google Chrome before 81.0.4044.138, Chromium-based Edge before 81.0.416.72, Mozilla Firefox 76, Mozilla Firefox ESR 68.8 and Mozilla Thunderbird 68.8 and is prone to a stack buffer overflow vulnerability in speech recognizer. A flaw is present in the application, which fai ... oval:org.secpod.oval:def:62981 Mozilla Firefox 76, Mozilla Firefox ESR 68.8 and Mozilla Thunderbird 68.8 : A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. oval:org.secpod.oval:def:62970 The host is missing a critical severity security update according to Mozilla advisory, MFSA2020-16. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:62971 The host is missing a critical severity security update according to Mozilla advisory, MFSA2020-17. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:62972 The host is missing a critical security update according to Mozilla advisory, MFSA2020-18. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:604834 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:89000158 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.8.0 ESR MFSA 2020-17 * CVE-2020-12387 Use-after-free during worker shutdown * CVE-2020-12388 Sandbox escape with improperly guarded Access Tokens * CVE-2020-12389 Sandbox escape with improperly separ ... oval:org.secpod.oval:def:1502902 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:705489 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:1502908 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:89000069 This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR : - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020 ... oval:org.secpod.oval:def:1504254 [68.8.0-1.0.1.el8_2] - Rebuild to pickup Oracle default bookmarks [Orabug: 30069264] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file - Remove upstream references [Orabug: 30530527] * Wed Apr 29 2020 Jan Horak - Update to 68.8.0 build1 [68.7.0-3] - Added fix for rhbz#1 ... oval:org.secpod.oval:def:1502910 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504182 [68.8.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [68.8.0-1] - Update to 68.8.0 build2 oval:org.secpod.oval:def:205569 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 ... oval:org.secpod.oval:def:205564 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:205565 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.8.0 ESR. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 ... oval:org.secpod.oval:def:1504188 [68.8.0-1.0.1] - fix LD_LIBRARY_PATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one * Wed Apr 29 2020 Jan Horak - Update to 68.8.0 build1 [68.7.0-3] - Added fix for rhbz#1821418 [68.7.0-2] - Update to 68.7.0 build3 [68.6.1-1] - Update to 68.6.1 ESR * Wed Mar 04 2020 J ... oval:org.secpod.oval:def:205566 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.8.0. Security Fix: * Mozilla: Use-after-free during worker shutdown * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 * usrsctp: Buffer overflow in AUTH chunk input va ... oval:org.secpod.oval:def:705466 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:604843 Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:1700336 The Mozilla Foundation Security Advisory describes this flaw as:On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in GMPDecodeData. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability aff ... oval:org.secpod.oval:def:2105821 Oracle Solaris 11 - ( CVE-2020-6814 ) oval:org.secpod.oval:def:604903 Several vulnerabilities have been discovered in the chromium web browser. CVE-2020-6423 A use-after-free issue was found in the audio implementation. CVE-2020-6430 Avihay Cohen discovered a type confusion issue in the v8 javascript library. CVE-2020-6431 Luan Herrera discovered a policy enforcement ... oval:org.secpod.oval:def:69817 Several vulnerabilities have been discovered in the chromium web browser. CVE-2020-6423 A use-after-free issue was found in the audio implementation. CVE-2020-6430 Avihay Cohen discovered a type confusion issue in the v8 javascript library. CVE-2020-6431 Luan Herrera discovered a policy enforcement ... oval:org.secpod.oval:def:63012 Mozilla Firefox 76, Mozilla Firefox ESR 68.8 and Mozilla Thunderbird 68.8 : A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. oval:org.secpod.oval:def:62998 The host is missing a critical severity security update according to Mozilla advisory, MFSA2020-16. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts. oval:org.secpod.oval:def:63045 The host is installed with Google Chrome before 81.0.4044.138, Chromium-based Edge before 81.0.416.72, Mozilla Firefox 76, Mozilla Firefox ESR 68.8 or Mozilla Thunderbird 68.8 and is prone to a stack buffer overflow vulnerability in speech recognizer. A flaw is present in the application, which fail ... |