[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195521

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 17059 Download | Alert*

Mozilla Firefox 71 and Mozilla Firefox ESR 68.3: When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service.

Mozilla Firefox 106.0 : Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Mozilla Firefox 107 : Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Firefox 106 and Firefox ESR 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Mozilla Firefox 94 : When parsing internationalized domain names, high bits of the characters in the URLs were sometimes stripped, resulting in inconsistencies that could lead to user confusion or attacks such as phishing.

Mozilla Firefox 84 : When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing.

Mozilla Firefox 92 : Default

Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device.

The host is installed with SeaMonkey before 2.15 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to restrict a touch event to a single IFRAME element. Successful exploitation allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document.

The host is installed with Adobe InDesign 18.x before 18.5.1 or 17.x through 17.4.2 and is prone to a NULL pointer dereference vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to cause application denial-of-service.

The host is installed with Google Chrome before 41.0.2272.76 and is prone to multiple unspecified vulnerabilities. The flaws are present in the application, which does not properly handle unknown vectors. Successful exploitation allows remote attackers to cause a denial of service or possibly have other impact.


Pages:      Start    1085    1086    1087    1088    1089    1090    1091    1092    1093    1094    1095    1096    1097    1098    ..   1705

© SecPod Technologies