[Forgot Password]
Login  Register Subscribe

24547

 
 

132763

 
 

124222

 
 

909

 
 

106938

 
 

150

 
 
Paid content will be excluded from the download.

Filter
Matches : 17973 Download | Alert*

The host is installed with VideoLAN VLC media player through 3.0.7 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle an issue in modules/demux/mkv/util.cpp file. Successful exploitation could allow attackers to execute arbitrary code.

The host is installed with Apache Tomcat versions 9.0.0.M1 to 9.0.19 or 8.5.0 to 8.5.40 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to handle the issue in HTTP/2 connection. Successful exploitation allows attackers to cause server-side threads to block eventually leading to thread exhaustion and a DoS.

The host is installed with Apache HTTP Server 2.4.x through 2.4.38 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to properly handle the servers processing when the path component of a request URL contains multiple consecutive slashes ('/'). Successful exploitation could allow remote attackers to leverage this issue to perform unauthorized action ...

Mozilla Firefox 66.0.1, Mozilla Firefox ESR 60.6.1 : Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write.

Mozilla Firefox 66.0.1, Mozilla Firefox ESR 60.6.1 : Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow.

Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry.

Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. When a registration is later freed with the removal of the animation controller element, the refresh driver incorrectly leaves a dangling pointer to the driver's observer array.

Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the default URI handler for a given URI scheme in third party ...

Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash.

Mozilla Firefox 66, Mozilla Firefox ESR 60.6 : A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This vulnerability could allow an attacker to create an arbitrary value in compiled JavaScript, for which the range analysis will infer a fully controlled, incorrect range in circumstances where users have ...


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   1797

© SecPod Technologies