CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-10462 – firefox: thunderbird: Origin of permission prompt could be spoofed by long URL
https://notcve.org/view.php?id=CVE-2024-10462
29 Oct 2024 — Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: Truncation of a long URL could have allowed origin spoofing in a permission prompt. Multiple security issues were discovered in Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1920423 • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-290: Authentication Bypass by Spoofing •
CVSS: 6.4EPSS: 0%CPEs: 31EXPL: 0CVE-2024-10461 – firefox: thunderbird: XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response
https://notcve.org/view.php?id=CVE-2024-10461
29 Oct 2024 — In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. The Mozilla Foundation's Security Advisory: In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header is not respected and does not force a download, which could allow cross-site scripting (... • https://bugzilla.mozilla.org/show_bug.cgi?id=1914521 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-9050 – Networkmanager-libreswan: local privilege escalation via leftupdown
https://notcve.org/view.php?id=CVE-2024-9050
22 Oct 2024 — A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the `leftupdown`key. This key takes an executable command as a value and is used to speci... • https://access.redhat.com/errata/RHSA-2024:8312 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.8EPSS: 0%CPEs: 23EXPL: 0CVE-2024-21235 – JDK: Integer conversion error leads to incorrect range check (8332644)
https://notcve.org/view.php?id=CVE-2024-21235
15 Oct 2024 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK... • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-195: Signed to Unsigned Conversion Error •
CVSS: 7.4EPSS: 0%CPEs: 41EXPL: 0CVE-2024-21217 – JDK: Unbounded allocation leads to out-of-memory error (8331446)
https://notcve.org/view.php?id=CVE-2024-21217
15 Oct 2024 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM f... • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-502: Deserialization of Untrusted Data CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 3.7EPSS: 0%CPEs: 19EXPL: 0CVE-2024-21210 – JDK: Array indexing integer overflow (8328544)
https://notcve.org/view.php?id=CVE-2024-21210
15 Oct 2024 — Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the spe... • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-190: Integer Overflow or Wraparound CWE-203: Observable Discrepancy •
CVSS: 3.7EPSS: 0%CPEs: 21EXPL: 0CVE-2024-21208 – JDK: HTTP client improper handling of maxHeaderSize (8328286)
https://notcve.org/view.php?id=CVE-2024-21208
15 Oct 2024 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for ... • https://www.oracle.com/security-alerts/cpuoct2024.html • CWE-130: Improper Handling of Length Parameter Inconsistency CWE-203: Observable Discrepancy •
CVSS: 9.4EPSS: 0%CPEs: 11EXPL: 0CVE-2024-48949 – elliptic: Missing Validation in Elliptic's EDDSA Signature Verification
https://notcve.org/view.php?id=CVE-2024-48949
10 Oct 2024 — The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits "sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()" validation. A flaw was found in the Elliptic package. This vulnerability allows attackers to bypass EDDSA signature validation via improper handling of signature values where the S() component of the signature is not properly checked for being non-negative or smaller than the curve order. This update for pgadmin4 fixes the following issues. Fixed socke... • https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 9.4EPSS: 0%CPEs: 43EXPL: 0CVE-2024-9675 – Buildah: buildah allows arbitrary directory mount
https://notcve.org/view.php?id=CVE-2024-9675
09 Oct 2024 — A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. This update for podman fixes the following issues. Github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denia... • https://access.redhat.com/security/cve/CVE-2024-9675 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 10%CPEs: 36EXPL: 2CVE-2024-9680 – Mozilla Firefox Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-9680
09 Oct 2024 — An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, and Firefox ESR < 115.16.1. An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. • https://github.com/tdonaworth/Firefox-CVE-2024-9680 • CWE-416: Use After Free •