Mozilla developers Jason Kratzer, Tyson Smith, and Christian Holler reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.3, 2.10.x before 2.10.4, 2.12.x before 2.12.4, and 2.13.x before 2.13.3 allows remote attackers to hijack the authentication of unspecified victims for requests that create a resource via an HTTP POST request with a (1) missing or (2) crafted Content-Type header.
Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6801
Related Posts
Patch updates for 53 Microsoft VulnerabilitiesMicrosoft company keeps on monitoring their customers' feedback and software bugs, security issues in their products with real time cyber-security standards to release patch updates. Microsoft released latest security patch updates for this month. Microsoft officially released security patch updates for 53 vulnerabilities, affecting Windows, Internet Explorer (IE), Edge, ChakraCore,…
Multiple Vulnerabilities in Google Chrome versions prior to 80.0.3987.149Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context…
PHP 7.4.4 Released on 19 March 2020The PHP development team released PHP 7.4.4 on 19 March 2020 and it's immediate availability due to security release which also contains several bug fixes. Whoever using PHP 7.4 must upgrade into PHP 7.4.4 without delay. Version 7.4.4 Changelog Core Fixed bug #79329 (get_headers() silently truncates after a null byte)…
