Vulnerabilidades Archives - Página 1326 de 1343

9 Jul 2024

CVE-2024-27782

Título es

CVE-2024-27782

Mar, 09/07/2024 – 16:15

Tipo

CWE-613

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-27782

Descripción en

Multiple insufficient session expiration vulnerabilities [CWE-613] in FortiAIOps version 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests.

09/07/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)

8.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://fortiguard.fortinet.com/psirt/FG-IR-24-069

Enviar en el boletín

Off

9 Jul 2024

CVE-2024-6610

Título es

CVE-2024-6610

Mar, 09/07/2024 – 15:15

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-6610

Descripción en

Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox

09/07/2024

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

Pendiente de análisis

Referencias

https://bugzilla.mozilla.org/show_bug.cgi?id=1883396

https://www.mozilla.org/security/advisories/mfsa2024-29/

Enviar en el boletín

Off

9 Jul 2024

CVE-2024-6609

Título es

CVE-2024-6609

Mar, 09/07/2024 – 15:15

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-6609

Descripción en

When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox

09/07/2024

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

Pendiente de análisis

Referencias

https://bugzilla.mozilla.org/show_bug.cgi?id=1839258

https://www.mozilla.org/security/advisories/mfsa2024-29/

Enviar en el boletín

Off

9 Jul 2024

CVE-2024-6608

Título es

CVE-2024-6608

Mar, 09/07/2024 – 15:15

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-6608

Descripción en

It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox

09/07/2024

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

Pendiente de análisis

Referencias

https://bugzilla.mozilla.org/show_bug.cgi?id=1743329

https://www.mozilla.org/security/advisories/mfsa2024-29/

Enviar en el boletín

Off

9 Jul 2024

CVE-2024-6607

Título es

CVE-2024-6607

Mar, 09/07/2024 – 15:15

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-6607

Descripción en

It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox

09/07/2024

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

Pendiente de análisis

Referencias

https://bugzilla.mozilla.org/show_bug.cgi?id=1694513

https://www.mozilla.org/security/advisories/mfsa2024-29/

Enviar en el boletín

Off

9 Jul 2024

CVE-2024-6606

Título es

CVE-2024-6606

Mar, 09/07/2024 – 15:15

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-6606

Descripción en

Clipboard code failed to check the index on an array access. This could have lead to an out-of-bounds read. This vulnerability affects Firefox

09/07/2024

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

Pendiente de análisis

Referencias

https://bugzilla.mozilla.org/show_bug.cgi?id=1902305

https://www.mozilla.org/security/advisories/mfsa2024-29/

Enviar en el boletín

Off

9 Jul 2024

CVE-2024-6615

Título es

CVE-2024-6615

Mar, 09/07/2024 – 15:15

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-6615

Descripción en

Memory safety bugs present in Firefox 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox

09/07/2024

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

Pendiente de análisis

Referencias

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1892875%2C1894428%2C1898364

https://www.mozilla.org/security/advisories/mfsa2024-29/

Enviar en el boletín

Off

9 Jul 2024

CVE-2024-6614

Título es

CVE-2024-6614

Mar, 09/07/2024 – 15:15

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-6614

Descripción en

The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox

09/07/2024

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

Pendiente de análisis

Referencias

https://bugzilla.mozilla.org/show_bug.cgi?id=1902983

https://www.mozilla.org/security/advisories/mfsa2024-29/

Enviar en el boletín

Off

9 Jul 2024

CVE-2024-6613

Título es

CVE-2024-6613

Mar, 09/07/2024 – 15:15

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-6613

Descripción en

The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox

09/07/2024

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

Pendiente de análisis

Referencias

https://bugzilla.mozilla.org/show_bug.cgi?id=1900523

https://www.mozilla.org/security/advisories/mfsa2024-29/

Enviar en el boletín

Off

9 Jul 2024

CVE-2024-6612

Título es

CVE-2024-6612

Mar, 09/07/2024 – 15:15

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-6612

Descripción en

CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox

09/07/2024

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

Pendiente de análisis

Referencias

https://bugzilla.mozilla.org/show_bug.cgi?id=1880374

https://www.mozilla.org/security/advisories/mfsa2024-29/

Enviar en el boletín

Off

Archivos de la categoría: Vulnerabilidades