| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Blesta 3.x through 5.x before 5.13.3 mishandles input validation, aka CORE-5665. |
| An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. |
| Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible. |
| Firefox for iOS preserved cookies set on the initial PDF request across cross-origin HTTP redirects in TemporaryDocument, allowing a malicious site to inject arbitrary cookies into requests to an unrelated target domain. This vulnerability was fixed in Firefox for iOS 152.0. |
| Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging to the target site. This vulnerability was fixed in Firefox for iOS 152.0. |
| Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12 and Firefox ESR 115.37. |
| Incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. |
| Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. |
| Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. |
| Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. |
| Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. |
| Same-origin policy bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. |
| Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152. |
| Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37. |
| Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152. |
| Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152. |
| JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37. |
| Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. |
| Sandbox escape due to incorrect boundary conditions in the Networking component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37. |
| Sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152 and Firefox ESR 140.12. |
