Lucene search
K

4373 matches found

OSV
OSV
added 2019/07/23 2:15 p.m.8 views

CVE-2019-11730

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS8.3AI score
Exploits0References13
Prion
Prion
added 2019/07/23 2:15 p.m.18 views

Code injection

A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

7.5CVSS9AI score0.01685EPSS
Exploits0References4Affected Software3
Cvelist
Cvelist
added 2019/07/23 1:23 p.m.20 views

CVE-2019-9819

A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

6.1AI score0.01685EPSS
Exploits0References4
CVE
CVE
added 2019/07/23 1:23 p.m.309 views

CVE-2019-9819

The CVE-2019-9819 issue is a JavaScript compartment mismatch involving the fetch API that can cause a crash. Affected products include Thunderbird (and Firefox components) with versions below 60.7 for Thunderbird and below 67 for Firefox/Firefox ESR; impact is described as potentially exploitable...

9.8CVSS6.1AI score0.01685EPSS
Exploits0References4Affected Software3
AlpineLinux
AlpineLinux
added 2019/07/23 1:23 p.m.44 views

CVE-2019-9819

A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

9.8CVSS6.5AI score0.01685EPSS
Exploits0
Cvelist
Cvelist
added 2019/07/23 1:16 p.m.24 views

CVE-2019-11730

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

7.1AI score0.20271EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2019/07/23 1:16 p.m.40 views

CVE-2019-11730

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS7.8AI score0.20271EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2019/07/23 1:16 p.m.74 views

CVE-2019-11730

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS7.3AI score0.20271EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2019/07/16 8:27 p.m.2 views

Mozilla: Same-origin policy treats all files in a directory as having the same-origin

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS7.3AI score0.20271EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/07/15 1:40 p.m.106 views

Mozilla: Same-origin policy treats all files in a directory as having the same-origin

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS7.3AI score0.20271EPSS
Exploits0References5
Veracode
Veracode
added 2019/07/15 12:7 a.m.26 views

Information Disclosure

firefox is vulnerable to information disclosure. A cross-origin policy vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be use...

6.5CVSS7.5AI score0.20271EPSS
Exploits0References15Affected Software2
Tenable Nessus
Tenable Nessus
added 2019/07/15 12:0 a.m.98 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1823-1)

The SUSE Linux Enterprise 12 SP 2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-10638: In the Linux kernel, a device could be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP...

9.8CVSS6.4AI score0.06821EPSS
Exploits4References36
RedHat Linux
RedHat Linux
added 2019/07/11 6:17 p.m.5 views

Mozilla: Same-origin policy treats all files in a directory as having the same-origin

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS7.3AI score0.20271EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/07/11 6:0 p.m.60 views

Mozilla: Same-origin policy treats all files in a directory as having the same-origin

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS7.3AI score0.20271EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/07/11 5:20 p.m.7 views

Mozilla: Same-origin policy treats all files in a directory as having the same-origin

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS7.3AI score0.20271EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2019/07/11 12:0 a.m.35 views

CVE-2019-11730

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS6.9AI score0.20271EPSS
Exploits0References5
OSV
OSV
added 2019/07/11 12:0 a.m.1 views

UBUNTU-CVE-2019-11730

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS6.9AI score0.20271EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2019/07/09 12:0 a.m.53 views

KLA11524 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, cause denial of service, perform cross-site scripting attack, obtain sensitive information, execute arbitrary code. Below is a...

9.8CVSS10AI score0.20271EPSS
Exploits2References3
The Hacker News
The Hacker News
added 2019/07/03 3:39 p.m.120 views

17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device

Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on a victim's computer. Barak Tawily, an...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2019/07/03 3:39 p.m.1 views

17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device

Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on a victim's computer. Barak Tawily, an...

6.9AI score
Exploits0
Rows per page
Query Builder