Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-16902

Malware in sbrugna...

9.8CVSS9AI score0.01125EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2018/07/30 3:10 p.m.6 views

chromium-browser: Local file information leak in Extensions

Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension...

6.5CVSS7.3AI score0.01178EPSS
Exploits0References5
OSV
OSV
added 2018/06/11 9:29 p.m.4 views

CVE-2018-5116

WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with th...

9.8CVSS7.4AI score0.01125EPSS
Exploits0References5
CVE
CVE
added 2018/06/11 9:0 p.m.142 views

CVE-2018-5116

The CVE-2018-5116 entry concerns Mozilla Firefox prior to version 58.0 where WebExtensions with the ActiveTab permission can access cross-origin frames within the active tab, allowing malicious extensions to inject and interact with frames from arbitrary origins and bypass same-origin expectation...

9.8CVSS8.7AI score0.01125EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2018/06/11 9:0 p.m.15 views

CVE-2018-5116

WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with th...

9.8CVSS9.4AI score0.01125EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/01/24 12:0 a.m.45 views

FreeBSD : mozilla -- multiple vulnerabilities (a891c5b4-3d7a-4de9-9c71-eef3fd698c77)

Mozilla Foundation reports : CVE-2018-5091: Use-after-free with DTMF timers CVE-2018-5092: Use-after-free in Web Workers CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory...

10CVSS7.4AI score0.20024EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2018/01/23 12:0 a.m.20 views

CVE-2018-5116

WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with th...

9.8CVSS7.3AI score0.01125EPSS
Exploits0References3
Rows per page
Query Builder