CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

101 matches found

Tenable Nessus•added 2022/12/15 12:0 a.m.•18 views

RHEL 8 : firefox (RHSA-2022:9069)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9069 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

9.8CVSS8AI score0.00921EPSS

Exploits0References14

Tenable Nessus•added 2022/12/15 12:0 a.m.•31 views

RHEL 8 : thunderbird (RHSA-2022:9078)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9078 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.6.0. Security Fixes: Mozilla:...

9.8CVSS8AI score0.00921EPSS

Exploits0References16

RedHat Linux•added 2022/04/11 2:38 p.m.•1 views

Mozilla: Out of bounds write due to unexpected WebAuthN Extensions

The Mozilla Foundation Security Advisory describes this flaw as: If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable cra...

8.8CVSS7.3AI score0.02577EPSS

Exploits1References6

RedHat Linux•added 2022/04/11 2:18 p.m.•1 views

Mozilla: Out of bounds write due to unexpected WebAuthN Extensions

8.8CVSS7.3AI score0.02577EPSS

Exploits1References6

RedHat Linux•added 2022/04/08 2:48 p.m.•0 views

Mozilla: Out of bounds write due to unexpected WebAuthN Extensions

8.8CVSS7.3AI score0.02577EPSS

Exploits1References6

RedhatCVE•added 2022/04/06 2:50 p.m.•48 views

CVE-2022-28281

8.8CVSS2.5AI score0.02577EPSS

Exploits1References5

NVD•added 2021/06/24 2:15 p.m.•14 views

CVE-2021-24001

A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox 88...

4.3CVSS0.0057EPSS

Exploits0References2

Prion•added 2021/06/24 2:15 p.m.•28 views

Design/Logic Flaw

4.3CVSS4.8AI score0.0057EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/06/24 1:20 p.m.•13 views

CVE-2021-24001

5.9AI score0.0057EPSS

Exploits0References2

Veracode•added 2021/04/22 4:51 a.m.•22 views

Sandbox Escape

firefox is vulnerable to Sandbox escape. A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations.blicized, the details for this candidate will be provided...

4.3CVSS0.7AI score0.0057EPSS

Exploits0References3Affected Software7

OSV•added 2021/04/19 12:0 a.m.•0 views

UBUNTU-CVE-2021-24001

4.3CVSS6.9AI score0.0057EPSS

Exploits0References4

RedHat Linux•added 2020/08/26 10:11 a.m.•6 views

Mozilla: WebRTC permission prompt could have been bypassed by a compromised content process

When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox 78...

6.5CVSS7.3AI score0.01392EPSS

Exploits0References5

RedHat Linux•added 2020/08/26 8:49 a.m.•3 views

Mozilla: WebRTC permission prompt could have been bypassed by a compromised content process

6.5CVSS7.3AI score0.01392EPSS

Exploits0References5

NVD•added 2020/01/08 9:15 p.m.•17 views

CVE-2019-11765

A compromised content process could send a message to the parent process that would cause the 'Click to Play' permission prompt to be shown. However, due to lack of validation from the parent process, if the user accepted the permission request an attacker-controlled permission would be granted...

6.5CVSS6.2AI score0.00844EPSS

Exploits0References2

OSV•added 2019/10/23 12:0 a.m.•0 views

UBUNTU-CVE-2019-11765

6.5CVSS6.8AI score0.00844EPSS

Exploits0References4

RedHat Linux•added 2019/09/04 8:14 p.m.•3 views

Mozilla: Sandbox escape through Firefox Sync

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

9.3CVSS7.3AI score0.01302EPSS

Exploits0References5

UbuntuCve•added 2019/03/20 12:0 a.m.•18 views

CVE-2019-9799

Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox 66...

7.5CVSS7.1AI score0.0115EPSS

Exploits0References4

OSV•added 2019/03/20 12:0 a.m.•1 views

UBUNTU-CVE-2019-9799

7.5CVSS7.1AI score0.0115EPSS

Exploits0References5

Microsoft CVE•added 2018/12/11 8:0 a.m.•40 views

Internet Explorer Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions. An attacker who exploited the vulnerability could run arbitrary code with medium-integrity level privileges the permissions of the curre...

7.6CVSS2.7AI score0.45762EPSS

Exploits2

Microsoft CVE•added 2018/09/11 7:0 a.m.•28 views

Internet Explorer Memory Corruption Vulnerability

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerabilit...

7.6CVSS1.5AI score0.12895EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by