[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 16267 Download | Alert*

The host is installed with Google Chrome before 120.0.6099.62 and is prone to an insufficient data validation vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

The host is installed with Node.js 18.x before 18.19.1, 20.x before 20.11.1, or 21.x before 21.6.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application which fails to handle setuid(). Successful exploitation allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid().

The host is installed with Node.js 18.x before 18.20.1, 20.x before 20.12.1, or 21.x before 21.7.2 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to handle nghttp2 memory. Successful exploitation could allow an attacker to make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 f ...

Mozilla Firefox 126.0, Mozilla Firefox ESR 115.11.0 and Mozilla Thunderbird 115.11.0 : A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context.

Mozilla Firefox 126.0, Mozilla Firefox ESR 115.11.0 and Mozilla Thunderbird 115.11.0 : If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox.

Mozilla Firefox 126.0, Mozilla Firefox ESR 115.11.0 and Mozilla Thunderbird 115.11.0 : A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions.

Mozilla Firefox 126.0, Mozilla Firefox ESR 115.11.0 and Mozilla Thunderbird 115.11.0 : When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn information cross-origin.

Mozilla Firefox 126.0, Mozilla Firefox ESR 115.11.0 and Mozilla Thunderbird 115.11.0 : When saving a page to PDF, certain font styles could have led to a potential use-after-free crash.

Mozilla Firefox 126.0, Mozilla Firefox ESR 115.11.0 and Mozilla Thunderbird 115.11.0 : Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

The host is installed with Google Chrome before 125.0.6422.141, or Microsoft Edge before 125.0.2535.85 and is prone to a heap buffer overflow vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   1626

© SecPod Technologies