[Forgot Password]
Login  Register Subscribe

25354

 
 

132811

 
 

146533

 
 

909

 
 

117189

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 14897 Download | Alert*

Mozilla Firefox 72, Mozilla Firefox ESR 68.4 and Mozilla Thunderbird 64.8.1: Mozilla developers Jason Kratzer, Christian Holler, and Bob Clary reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Mozilla Firefox 72, Mozilla Firefox ESR 68.4 and Mozilla Thunderbird 64.8.1: When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's inne ...

Mozilla Firefox 72, Mozilla Firefox ESR 68.4 and Mozilla Thunderbird 64.8.1: During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process.

Mozilla Firefox 72, Mozilla Firefox ESR 68.4 and Mozilla Thunderbird 64.8.1: Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code.

Mozilla Firefox 72, Mozilla Firefox ESR 68.4 and Mozilla Thunderbird 64.8.1: When pasting a style tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration.

Mozilla Firefox 72, Mozilla Firefox ESR 68.4 and Mozilla Thunderbird 64.8.1: During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process.

Mozilla Thunderbird 68.8.0 : By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays.

The host is installed with Artifex Ghostscript before 9.24 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which uses incorrect restoration of privilege checking during handling of invalid access exceptions. Successful exploitation could allow attackers to supply crafted postScript files to crash the interpreter or potentially execute code.

The host is installed with Oracle MySQL Server through 5.6.47, 5.7.28 or 8.0.18 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to InnoDB. Successful exploitation allows attackers to affect Availability.

The host is installed with Oracle MySQL Server through 5.6.47, 5.7.29 or 8.0.19 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Server: Stored Procedure. Successful exploitation allows attackers to affect Availability.


Pages:      Start    2    3    4    5    6    7    8    9    10    11    12    13    14    15    ..   1489

© SecPod Technologies