[Forgot Password]
Login  Register Subscribe

26309

 
 

132812

 
 

150489

 
 

909

 
 

119739

 
 

158

 
 
Paid content will be excluded from the download.

Filter
Matches : 119741 Download | Alert*

The host is installed with Apple Mac OS X through 10.12.6, 10.13.6 or 10.14.5 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle multiple issues. Successful exploitation allows attackers to execute arbitrary code or read restricted memory.

The host is installed with Apple MacOS X 10.14.5 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an entitlement issue. Successful exploitation could allow local attackers to read a persistent account identifier.

The host is installed with Apple MacOS X 10.14.5 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle a memory initialization issue. Successful exploitation could allow attackers to execute arbitrary code with system privileges.

Mozilla Firefox 81, Mozilla Firefox ESR 78.3, Mozilla Thunderbird 78.3 : When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This occurs because the function <code>APZCTreeManager::ComputeClippedCompositionBounds</code> did not follow iterator invalidation rules.

Mozilla Firefox 81, Mozilla Firefox ESR 78.3, Mozilla Thunderbird 78.3 : By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from.

Mozilla Firefox 81, Mozilla Firefox ESR 78.3, Mozilla Thunderbird 78.3 : Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element.

Mozilla Firefox 81, Mozilla Firefox ESR 78.3, Mozilla Thunderbird 78.3 : Mozilla developer Jason Kratzer reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

The host is missing a high severity security update according to Mozilla advisory, MFSA2020-44. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple vectors. Successful exploitation can cause multiple impacts.

In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack.

unsafe traversal of symlinks


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   11974

© SecPod Technologies