60 matches found
CVE-2025-5020 vulnerabilities
Vulnerabilities for packages: firefox...
CVE-2025-5020
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139...
CVE-2025-5020
The CVE-2025-5020 issue affects Firefox for iOS (pre-139). The root cause is that opening maliciously crafted URLs from other apps could allow an attacker to spoof website addresses when the URL uses non-HTTP schemes internal to the Firefox iOS client. The impact is spoofing of website addresses,...
CVE-2025-5020 Links using non-HTTP schemes opened from other apps such as Safari could have allowed spoofing of website addresses
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139...
CVE-2024-5020
creationtimestamp | type | source
---|---|---
2024-12-04 08:50:31+00:00 | seen | https://infosec.exchange/users/cve/statuses/113593694914451957
2024-12-04 10:54:00+00:00 | seen | https://t.me/cvedetector/11966...
CVE-2024-5020 Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library
Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library versions 1.3.4 to 3.5.7 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
K00265182: Custom monitor privilege escalation vulnerability CVE-2016-5020
Security Advisory Description: F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script. CVE-2016-5020. Impact: An...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Ruby vulnerabilities (USN-5020-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5020-1 advisory. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary...
Security Bulletin: Infosphere BigInsights is affected by a vulnerability in DB2 that allows users to truncate any table even though the owner of the table has not granted any privilege to any user/role/group (CVE-2015-5020).
Summary: Infosphere BigInsights is affected by a vulnerability in DB2 that allows users to truncate any table even though the owner of the table has not granted any privilege to any user/role/group (CVE-2015-5020). The vulnerability exists in the Big SQL server component included in BigInsights...
CVE-2020-5020
IBM Spectrum Protect Plus 10.1.0–10.1.6 is affected by a clickjacking vulnerability (CVE-2020-5020) that could allow a remote attacker to hijack a victim’s click actions by convincing them to visit a malicious site. The issue is documented across multiple sources (NVD, CNVD/CVELIST entries, and I...
CentOS: Security Advisory for tomcat (CESA-2020:5020)
The remote host is missing an update for the...
Virtuozzo Linux Errata and Security Advisory 2020:5020 Low
Upstream security update. Follow RHSA-2020:5020 for details...
Oracle Linux 7 : tomcat (ELSA-2020-5020)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5020 advisory. 0:7.0.76-16 - Resolves: rhbz1814315 CVE-2020-1935 tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling Tenable has extracted the...
RHEL 7 : tomcat (RHSA-2020:5020)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:5020 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fixes: tomcat: Mishandling of...
CVE-2011-5020
creationtimestamp | type | source
---|---|---
2020-01-10 22:32:05+00:00 | seen | https://t.me/cibsecurity/9122...
CVE-2011-5020
CVE-2011-5020 is an SQL injection in the Online TV Database (2011), where the ID parameter is not properly validated. The linked entry CNVD-2020-02284 confirms a SQL injection vulnerability in the Online TV Database 2011, caused by a lack of validation of externally entered SQL statements. This...
Yara <= 3.8.1 Denial of Service (DoS) Vulnerability
Yara is prone to a denial of service (DoS) vulnerability...
CVE-2019-5020
An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerabili...