Lucene search
K

83 matches found

RedHat Linux
RedHat Linux
added 2022/12/15 4:30 p.m.5 views

Mozilla: Arbitrary file read from a compromised content process

The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are unaffected...

8.6CVSS7.5AI score0.00772EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/12/15 4:22 p.m.3 views

Mozilla: Arbitrary file read from a compromised content process

The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are unaffected...

8.6CVSS7.5AI score0.00772EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/12/15 4:21 p.m.5 views

Mozilla: Arbitrary file read from a compromised content process

The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are unaffected...

8.6CVSS7.5AI score0.00772EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/12/15 4:9 p.m.5 views

Mozilla: Arbitrary file read from a compromised content process

The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are unaffected...

8.6CVSS7.5AI score0.00772EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/12/15 3:57 p.m.3 views

Mozilla: Arbitrary file read from a compromised content process

The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are unaffected...

8.6CVSS7.5AI score0.00772EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/12/15 3:56 p.m.5 views

Mozilla: Arbitrary file read from a compromised content process

The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are unaffected...

8.6CVSS7.5AI score0.00772EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/12/15 3:46 p.m.5 views

Mozilla: Arbitrary file read from a compromised content process

The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are unaffected...

8.6CVSS7.5AI score0.00772EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/12/15 3:46 p.m.5 views

Mozilla: Arbitrary file read from a compromised content process

The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are unaffected...

8.6CVSS7.5AI score0.00772EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/12/15 12:0 a.m.18 views

RHEL 8 : firefox (RHSA-2022:9069)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9069 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

9.8CVSS8AI score0.00921EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2022/12/15 12:0 a.m.32 views

RHEL 8 : thunderbird (RHSA-2022:9078)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9078 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Security Fixes: Mozilla:...

9.8CVSS8AI score0.00921EPSS
Exploits0References16
RedHat Linux
RedHat Linux
added 2022/04/11 2:38 p.m.2 views

Mozilla: Out of bounds write due to unexpected WebAuthN Extensions

The Mozilla Foundation Security Advisory describes this flaw as: If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable cra...

8.8CVSS7.3AI score0.02556EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2022/04/08 2:48 p.m.1 views

Mozilla: Out of bounds write due to unexpected WebAuthN Extensions

The Mozilla Foundation Security Advisory describes this flaw as: If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable cra...

8.8CVSS7.3AI score0.02556EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2022/04/06 2:50 p.m.49 views

CVE-2022-28281

The Mozilla Foundation Security Advisory describes this flaw as: If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable cra...

8.8CVSS2.5AI score0.02556EPSS
Exploits1References5
NVD
NVD
added 2021/06/24 2:15 p.m.18 views

CVE-2021-24001

A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox 88...

4.3CVSS0.0057EPSS
Exploits0References2
Prion
Prion
added 2021/06/24 2:15 p.m.31 views

Design/Logic Flaw

A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox 88...

4.3CVSS4.8AI score0.0057EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/06/24 1:20 p.m.22 views

CVE-2021-24001

A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox 88...

5.9AI score0.0057EPSS
Exploits0References2
Veracode
Veracode
added 2021/04/22 4:51 a.m.23 views

Sandbox Escape

firefox is vulnerable to Sandbox escape. A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations.blicized, the details for this candidate will be provided...

4.3CVSS0.7AI score0.0057EPSS
Exploits0References3Affected Software7
OSV
OSV
added 2021/04/19 12:0 a.m.1 views

UBUNTU-CVE-2021-24001

A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox 88...

4.3CVSS6.9AI score0.0057EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/26 10:11 a.m.7 views

Mozilla: WebRTC permission prompt could have been bypassed by a compromised content process

When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox 78...

6.5CVSS7.3AI score0.01392EPSS
Exploits0References5
NVD
NVD
added 2020/01/08 9:15 p.m.17 views

CVE-2019-11765

A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown. However, due to lack of validation from the parent process, if the user accepted the permission request an attacker-controlled permission would be granted...

6.5CVSS6.2AI score0.00844EPSS
Exploits0References2
Rows per page
Query Builder