#firefox

Red Hat Security Advisory 2024-7702-03 - An update for firefox is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Issues addressed include bypass and denial of service vulnerabilities.

Ubuntu Security Notice 7056-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Masato Kinugawa discovered that Firefox did not properly validate javascript under the "resource://pdf.js" origin. An attacker could potentially exploit this issue to execute arbitrary javascript code and access cross-origin PDF content.

OpenMediaVault version 7.4.2-2 suffers from a PHP code injection vulnerability.

Netis MW5360 suffers from a PHP code injection vulnerability.

Hikvision IP Cameras suffer from a cross site request forgery vulnerability.

GeoServer version 2.25.1 suffers from a PHP code injection vulnerability.

Gambio Online Webshop version 4.9.2.0 suffers from a PHP code injection vulnerability.

Debian Linux Security Advisory 5783-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

Acronis Cyber Infrastructure version 5.0.1-61 suffers from a cross site request forgery vulnerability.

Vehicle Service Management System version 1.0 suffers from a WYSIWYG code injection vulnerability.