Security
Headlines
HeadlinesLatestCVEs

Tag

#firefox

CVE-2022-34832: XXE in AgileReporter 21.3 by VERMEG

An issue was discovered in VERMEG AgileReporter 21.3. XXE can occur via an XML document to the Analysis component.

CVE
Open in Source
#xss#vulnerability#web#windows#dos#js#java#firefox#sap
Safari Side-Channel Attack Enables Browser Theft

The "iLeakage" attack affects all recent iPhone, iPad, and MacBook models, allowing attackers to peruse your Gmail inbox, steal your Instagram password, or scrutinize your YouTube history.

Debian Security Advisory 5535-1

Debian Linux Security Advisory 5535-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, clickjacking, spoofing or information leaks.

CVE-2023-5731: Security Vulnerabilities fixed in Firefox 119

Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119.

CVE-2023-5758: Security Vulnerabilities fixed in Firefox for iOS 119

When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. This vulnerability affects Firefox for iOS < 119.

APT Winter Vivern Exploits New Roundcube 0-Day to Target European Entities

By Waqas ESET Research Uncovers New Targeted Campaign Impacting European Governments and Think Tanks. This is a post from HackRead.com Read the original post: APT Winter Vivern Exploits New Roundcube 0-Day to Target European Entities

Google Chrome to Mask User IP Addresses to Protect Privacy

By Waqas The feature is called IP Protection, and it's important to note that it is not a VPN. A VPN encrypts all of a user's traffic, while IP Protection only masks their IP address. This is a post from HackRead.com Read the original post: Google Chrome to Mask User IP Addresses to Protect Privacy

DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan

The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird targeting a handful of victims in Pakistan and Afghanistan. Cybersecurity company Kaspersky, which disclosed the findings in its APT trends report Q3 2023, said the attack chains are also configured to deliver a downloader named CSVtyrei, so named for its resemblance to Vtyrei. "Some

What is the Dark Web, Search Engines, and What Not to Do on the Dark Web

By Waqas In this article, we will delve deeper into what is the dark web, exploring its definition, the top… This is a post from HackRead.com Read the original post: What is the Dark Web, Search Engines, and What Not to Do on the Dark Web

CVE-2023-38193: usd-2023-0015 - usd HeroLab

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a crafted sendmail command line.