Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-22753: Invalid Bug ID

A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.<br>This bug only affects Firefox on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

CVE
#vulnerability#windows#firefox

Sorry, I can’t find "1732435?cve=title". It does not seem like bug number nor an alias to a bug.

Please press Back and try again.

Related news

CVE-2022-22759: Security Vulnerabilities fixed in Thunderbird 91.6

If a document created a sandboxed iframe without <code>allow-scripts</code>, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.

Why Browser Vulnerabilities Are a Serious Threat — and How to Minimize Your Risk

As a result of browser market consolidation, adversaries can focus on uncovering vulnerabilities in just two main browser engines.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907