Security
Headlines
HeadlinesLatestCVEs

Tag

#firefox

Malwarebytes Premium Security stops 100% of malware during AV Lab test

Malwarebytes Premium blocked 100% of malware during the most recent testing by the AV Lab Cybersecurity Foundation.

Malwarebytes
Open in Source
#web#firefox
Carbon Forum 5.9.0 Cross Site Request Forgery / SQL Injection

Carbon Forum version 5.9.0 suffers from access control, cross site request forgery, file upload, outdated library, and remote SQL injection vulnerabilities.

GHSA-7gjr-hcc3-xfr4: Improper line feed handling in zenml

A denial of service (DoS) vulnerability exists in zenml-io/zenml version 0.56.3 due to improper handling of line feed (`\n`) characters in component names. When a low-privileged user adds a component through the API endpoint `api/v1/workspaces/default/components` with a name containing a `\n` character, it leads to uncontrolled resource consumption. This vulnerability results in the inability of users to add new components in certain categories (e.g., 'Image Builder') and to register new stacks through the UI, thereby degrading the user experience and potentially rendering the ZenML Dashboard unusable. The issue does not affect component addition through the Web UI, as `\n` characters are properly escaped in that context. The vulnerability was tested on ZenML running in Docker, and it was observed in both Firefox and Chrome browsers.

Red Hat Security Advisory 2024-4036-03

Red Hat Security Advisory 2024-4036-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-4018-03

Red Hat Security Advisory 2024-4018-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-4016-03

Red Hat Security Advisory 2024-4016-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 7. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-4015-03

Red Hat Security Advisory 2024-4015-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-4004-03

Red Hat Security Advisory 2024-4004-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-4003-03

Red Hat Security Advisory 2024-4003-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-4002-03

Red Hat Security Advisory 2024-4002-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and use-after-free vulnerabilities.