Aggregator

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.11.1. This issue affects the function spin_unlock_irqrestore. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2024-47735. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.11.1. This vulnerability affects the function e_value_offs of the component ext4. The manipulation leads to use after free. This vulnerability was named CVE-2024-47701. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Mozilla Firefox up to 11.0. This affects an unknown part of the component ISO-2022-KR/ISO-2022-CN Character Set Decoder. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2012-0477. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Mozilla Firefox up to 11.0. This vulnerability affects unknown code of the component Docshell Page Loading URL. The manipulation leads to cross site scripting. This vulnerability was named CVE-2012-0474. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 11.0. This issue affects the function cairo_dwrite_font_face of the component Font Rendering. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2012-0472. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Firefox up to 11.0. Affected is an unknown function of the component Multi-Octet Encoding Input Validation. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2012-0471. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 11.0 and classified as critical. Affected by this vulnerability is the function gfxImageSurface. The manipulation leads to memory corruption. This vulnerability is known as CVE-2012-0470. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 11.0 and classified as critical. Affected by this issue is some unknown functionality of the component XPConnect Hashtable. The manipulation leads to improper resource management. This vulnerability is handled as CVE-2012-0469. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 11.0. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2012-0467. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Mozilla Firefox up to 11.0. Affected by this issue is some unknown functionality of the component RSS/Atom XML HTTPS Content Loading URL. The manipulation leads to authentication bypass by spoofing. This vulnerability is handled as CVE-2012-0479. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Firefox up to 11.0. This affects the function texImage2D of the component WebGL. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2012-0478. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 11.0 and classified as problematic. This vulnerability affects the function WebGL.drawElements. The manipulation leads to numeric error. This vulnerability was named CVE-2012-0473. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as very critical, has been found in Mozilla Firefox ESR up to 10.0.4. Affected by this issue is some unknown functionality of the file jsinfer.cpp. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2012-1939. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as very critical, was found in Mozilla Firefox. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2012-1937. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Mozilla Firefox. This vulnerability affects unknown code in the library wsock32.dll of the component ASN.1 Decoder. The manipulation leads to memory corruption. This vulnerability was named CVE-2012-0441. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. The Internet Archive was breached via Zendesk, with users receiving warnings about stolen GitLab tokens due to improper token rotation after repeated alerts. BleepingComputer first reported the news of the incident, after it received several messages from […]

In the last couple of days, Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited by Chinese threat actors. Security updates are trickling out The company, which is known for pushing out fixes for critical vulnerabilities before disclosing their existence to the public, has privately notified select customers a week ago and shared temporary mitigation advice. The advice apparently includes configuring FortiManager to prevent devices with … More →

The post Fortinet releases patches for undisclosed critical FortiManager vulnerability appeared first on Help Net Security.

A vulnerability has been found in Rittal IoT Interface and CMC III Processing Unit and classified as problematic. Affected by this vulnerability is the function rand of the component Function Call Handler. The manipulation leads to generation of predictable numbers or identifiers. This vulnerability is known as CVE-2024-47945. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.

A vulnerability was found in Rittal IoT Interface and CMC III Processing Unit. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Firmware Upgrade Handler. The manipulation leads to missing protection mechanism for alternate hardware interface. This vulnerability is known as CVE-2024-47944. It is possible to launch the attack on the physical device. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Rittal IoT Interface and CMC III Processing Unit. It has been classified as problematic. Affected is an unknown function of the file run.sh of the component Firmware Upgrade Handler. The manipulation leads to improper verification of cryptographic signature. This vulnerability is traded as CVE-2024-47943. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.