CVSS: 7.4EPSS: 0%CPEs: 23EXPL: 0CVE-2024-11614 – Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library
https://notcve.org/view.php?id=CVE-2024-11614
18 Dec 2024 — An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset. An update for dpdk is now available for Red Hat Enterprise Linux 8.6 Ad... • https://access.redhat.com/security/cve/CVE-2024-11614 • CWE-125: Out-of-bounds Read •
CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 0CVE-2024-11694 – firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims
https://notcve.org/view.php?id=CVE-2024-11694
26 Nov 2024 — Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, and Thunderbird < 128.5. Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and D... • https://bugzilla.mozilla.org/show_bug.cgi?id=1924167 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.0EPSS: 0%CPEs: 21EXPL: 0CVE-2024-3447 – Qemu: sdhci: heap buffer overflow in sdhci_write_dataport()
https://notcve.org/view.php?id=CVE-2024-3447
14 Nov 2024 — A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. • https://access.redhat.com/security/cve/CVE-2024-3447 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 31EXPL: 0CVE-2024-10467 – firefox: thunderbird: Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4
https://notcve.org/view.php?id=CVE-2024-10467
29 Oct 2024 — Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox 131, Firefox ESR 128.... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-10466 – firefox: DOM push subscription message could hang Firefox
https://notcve.org/view.php?id=CVE-2024-10466
29 Oct 2024 — By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. The Mozilla Foundation's Security Advisory: By sending a specially crafted push message, a remote server could hang the parent process, causing the browser to become unresponsive. Multiple security issues were discovered in Firefox. If a user were tricked into ope... • https://bugzilla.mozilla.org/show_bug.cgi?id=1924154 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-10465 – firefox: thunderbird: Clipboard "paste" button persisted across tabs
https://notcve.org/view.php?id=CVE-2024-10465
29 Oct 2024 — A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. The Mozilla Foundation's Security Advisory: A clipboard "paste" button could persist across tabs which allowed a spoofing attack. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing or information... • https://bugzilla.mozilla.org/show_bug.cgi?id=1918853 • CWE-20: Improper Input Validation CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-10464 – firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser
https://notcve.org/view.php?id=CVE-2024-10464
29 Oct 2024 — Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. The Mozilla Foundation's Security Advisory: Repeated writes to history interface attributes could be used to cause a Denial of Service condition in the browser. This issue was addressed by introducing rate-limiting to th... • https://bugzilla.mozilla.org/show_bug.cgi?id=1913000 • CWE-125: Out-of-bounds Read CWE-799: Improper Control of Interaction Frequency •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-10463 – firefox: thunderbird: Cross origin video frame leak
https://notcve.org/view.php?id=CVE-2024-10463
29 Oct 2024 — Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: Video frames could have been leaked between origins in some situations. Multiple security issues were discovered in Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1920800 • CWE-203: Observable Discrepancy CWE-942: Permissive Cross-domain Policy with Untrusted Domains •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-10462 – firefox: thunderbird: Origin of permission prompt could be spoofed by long URL
https://notcve.org/view.php?id=CVE-2024-10462
29 Oct 2024 — Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: Truncation of a long URL could have allowed origin spoofing in a permission prompt. Multiple security issues were discovered in Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1920423 • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-290: Authentication Bypass by Spoofing •
CVSS: 6.4EPSS: 0%CPEs: 31EXPL: 0CVE-2024-10461 – firefox: thunderbird: XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response
https://notcve.org/view.php?id=CVE-2024-10461
29 Oct 2024 — In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. The Mozilla Foundation's Security Advisory: In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header is not respected and does not force a download, which could allow cross-site scripting (... • https://bugzilla.mozilla.org/show_bug.cgi?id=1914521 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •